Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-39828 (GCVE-0-2026-39828)
Vulnerability from cvelistv5 – Published: 2026-05-22 02:31 – Updated: 2026-07-10 12:05| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/crypto | golang.org/x/crypto/ssh |
Affected:
0 , < 0.52.0
(semver)
|
|
| Red Hat | RHEM 1.0 for RHEL 9 |
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | DevWorkspace Operator 0.42 |
cpe:/a:redhat:devworkspace:0.42::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.10 |
cpe:/a:redhat:advanced_cluster_security:4.10::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.11 |
cpe:/a:redhat:advanced_cluster_security:4.11::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.9 |
cpe:/a:redhat:advanced_cluster_security:4.9::el8 |
|
| Red Hat | Red Hat Edge Manager 1.0 |
cpe:/a:redhat:edge_manager:1.0::el9 |
|
| Red Hat | Red Hat OpenShift Builds 1.7.4 |
cpe:/a:redhat:openshift_builds:1.7::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.22 |
cpe:/a:redhat:openshift_data_foundation:4.22::el9 |
|
| Red Hat | Red Hat Trusted Artifact Signer 1.4 |
cpe:/a:redhat:trusted_artifact_signer:1.4::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
cpe:/a:redhat:multicluster_engine:2.6::el8 |
|
| Red Hat | Assisted Installer for Red Hat OpenShift Container Platform 2 |
cpe:/a:redhat:assisted_installer:2 |
|
| Red Hat | cert-manager Operator for Red Hat OpenShift |
cpe:/a:redhat:cert_manager:1 |
|
| Red Hat | Confidential Compute Attestation |
cpe:/a:redhat:confidential_compute_attestation:1 |
|
| Red Hat | External Secrets Operator for Red Hat OpenShift |
cpe:/a:redhat:external_secrets_operator:1 |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | OpenShift API for Data Protection |
cpe:/a:redhat:openshift_api_data_protection:1 |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat Advanced Cluster Security 4 |
cpe:/a:redhat:advanced_cluster_security:4 |
|
| Red Hat | Red Hat Ceph Storage 9 |
cpe:/a:redhat:ceph_storage:9 |
|
| Red Hat | Red Hat Edge Manager 1 |
cpe:/a:redhat:edge_manager:1 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat OpenShift Dev Spaces |
cpe:/a:redhat:openshift_devspaces:3 |
|
| Red Hat | Red Hat OpenShift for Windows Containers |
cpe:/a:redhat:windows_machine_config |
|
| Red Hat | Red Hat OpenShift GitOps |
cpe:/a:redhat:openshift_gitops:1 |
|
| Red Hat | Red Hat OpenShift on AWS |
cpe:/a:redhat:openshift_service_on_aws:1 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat OpenStack Platform 18.0 |
cpe:/a:redhat:openstack:18.0 |
|
| Red Hat | Red Hat Quay 3 |
cpe:/a:redhat:quay:3 |
|
| Red Hat | Red Hat Trusted Artifact Signer |
cpe:/a:redhat:trusted_artifact_signer:1 |
|
| Red Hat | Security Profiles Operator |
cpe:/a:redhat:openshift_security_profiles_operator:1 |
|
| Red Hat | Zero Trust Workload Identity Manager |
cpe:/a:redhat:zero_trust_workload_identity_manager:1 |
|
| Red Hat | Zero Trust Workload Identity Manager - Tech Preview |
cpe:/a:redhat:zero_trust_workload_identity_manager:0 |
|
| Red Hat | Cryostat 4 |
cpe:/a:redhat:cryostat:4 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Openshift Data Foundation 4 |
cpe:/a:redhat:openshift_data_foundation:4 |
|
| Red Hat | Red Hat OpenStack Platform 16.2 |
cpe:/a:redhat:openstack:16.2 |
|
| Red Hat | Red Hat OpenStack Platform 17.1 |
cpe:/a:redhat:openstack:17.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-39828",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-22T17:43:55.428395Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T17:44:19.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"product": "RHEM 1.0 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:devworkspace:0.42::el9"
],
"defaultStatus": "affected",
"product": "DevWorkspace Operator 0.42",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.11::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.11",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:edge_manager:1.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Edge Manager 1.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_builds:1.7::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Builds 1.7.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.22::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4.22",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.4::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer 1.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el8"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:assisted_installer:2"
],
"defaultStatus": "affected",
"product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "affected",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ceph_storage:9"
],
"defaultStatus": "affected",
"product": "Red Hat Ceph Storage 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:edge_manager:1"
],
"defaultStatus": "affected",
"product": "Red Hat Edge Manager 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_service_on_aws:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift on AWS",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_security_profiles_operator:1"
],
"defaultStatus": "affected",
"product": "Security Profiles Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "unaffected",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "unaffected",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:17.1"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-22T02:31:26.883Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-10T12:05:42.948Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"name": "RHBZ#2480687",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39828.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26547"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36207"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26546"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37387"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37271"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37268"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37278"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37286"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:37296"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36105"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:36167"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:36796: RHEM 1.0 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:36808: DevWorkspace Operator 0.42"
},
{
"lang": "en",
"value": "RHSA-2026:26547: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:36625: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:36207: Red Hat Advanced Cluster Security for Kubernetes 4.11"
},
{
"lang": "en",
"value": "RHSA-2026:26546: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:36319: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:36651: Red Hat Edge Manager 1.0"
},
{
"lang": "en",
"value": "RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4"
},
{
"lang": "en",
"value": "RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22"
},
{
"lang": "en",
"value": "RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37271: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37268: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37272: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37278: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37286: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:37296: Red Hat Trusted Artifact Signer 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:36105: multicluster engine for Kubernetes 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:36167: multicluster engine for Kubernetes 2.6"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-22T04:01:46.775Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-22T02:31:26.883Z",
"value": "Made public."
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/crypto/ssh",
"product": "golang.org/x/crypto/ssh",
"programRoutines": [
{
"name": "connection.serverAuthenticate"
},
{
"name": "NewServerConn"
}
],
"vendor": "golang.org/x/crypto",
"versions": [
{
"lessThan": "0.52.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "NCC Group Cryptography Services, sponsored by Teleport"
}
],
"descriptions": [
{
"lang": "en",
"value": "When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-863: Incorrect Authorization",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T02:31:26.883Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/79562"
},
{
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"url": "https://go.dev/cl/781621"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"title": "Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-39828",
"datePublished": "2026-05-22T02:31:26.883Z",
"dateReserved": "2026-04-07T18:13:03.528Z",
"dateUpdated": "2026-07-10T12:05:42.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-39828",
"date": "2026-07-10",
"epss": "0.00314",
"percentile": "0.23316"
},
"microsoft_vex": {
"current_release_date": "2026-07-06T14:41:43.000Z",
"cve": "CVE-2026-39828",
"id": "msrc_CVE-2026-39828",
"initial_release_date": "2026-05-02T00:00:00.000Z",
"product_status:fixed": "10",
"product_status:known_affected": "17",
"product_status:known_not_affected": "2",
"source": "Microsoft CSAF VEX",
"status": "final",
"title": "Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-39828.json",
"version": "9"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-39828\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-05-22T04:16:22.190\",\"lastModified\":\"2026-07-10T12:16:44.713\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"golang.org/x/crypto\",\"product\":\"golang.org/x/crypto/ssh\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"golang.org/x/crypto/ssh\",\"programRoutines\":[{\"name\":\"connection.serverAuthenticate\"},{\"name\":\"NewServerConn\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"0.52.0\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"RHEM 1.0 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"DevWorkspace Operator 0.42\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:devworkspace:0.42::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.11\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.11::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Builds 1.7.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_builds:1.7::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.22\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer 1.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.6::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Assisted Installer for Red Hat OpenShift Container Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:assisted_installer:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"cert-manager Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cert_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Confidential Compute Attestation\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:confidential_compute_attestation:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"External Secrets Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:external_secrets_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Pipelines\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift for Windows Containers\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:windows_machine_config\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift on AWS\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_service_on_aws:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Virtualization 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:container_native_virtualization:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 18.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:18.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Security Profiles Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_security_profiles_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager - Tech Preview\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 16.2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openstack:16.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 17.1\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openstack:17.1\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-22T17:43:55.428395Z\",\"id\":\"CVE-2026-39828\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-281\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.52.0\",\"matchCriteriaId\":\"D540395B-31B8-4B07-8F79-F5C631BBD5C8\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/781621\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://go.dev/issue/79562\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/a082jnz-LvI\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-5014\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26546\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26547\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36105\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36167\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36207\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36319\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36625\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36648\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36651\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36796\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36797\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:36808\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37268\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37271\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37272\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37278\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37286\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37296\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:37387\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-39828\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2480687\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39828.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"redhat_vex": {
"aggregate_severity": "Important",
"current_release_date": "2026-07-10T16:26:07+00:00",
"cve": "CVE-2026-39828",
"id": "CVE-2026-39828",
"initial_release_date": "2026-05-22T02:31:26.883000+00:00",
"product_status:fixed": "241",
"product_status:known_affected": "163",
"product_status:known_not_affected": "395",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39828.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:edge_manager:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"RHEM 1.0 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:devworkspace:0.42::el9\"], \"vendor\": \"Red Hat\", \"product\": \"DevWorkspace Operator 0.42\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.11\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1.7::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Builds 1.7.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.22::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.22\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer 1.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:assisted_installer:2\"], \"vendor\": \"Red Hat\", \"product\": \"Assisted Installer for Red Hat OpenShift Container Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cert_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"cert-manager Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1\"], \"vendor\": \"Red Hat\", \"product\": \"Confidential Compute Attestation\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:external_secrets_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"External Secrets Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:windows_machine_config\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift for Windows Containers\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_service_on_aws:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift on AWS\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Virtualization 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:18.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 18.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_security_profiles_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"Security Profiles Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager - Tech Preview\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-22T04:01:46.775Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-22T02:31:26.883Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:36796: RHEM 1.0 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36808: DevWorkspace Operator 0.42\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26547: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36625: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36207: Red Hat Advanced Cluster Security for Kubernetes 4.11\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26546: Red Hat Advanced Cluster Security for Kubernetes 4.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36319: Red Hat Advanced Cluster Security for Kubernetes 4.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36651: Red Hat Edge Manager 1.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36648: Red Hat OpenShift Builds 1.7.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37387: Red Hat Openshift Data Foundation 4.22\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36797: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37271: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37268: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37272: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37278: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37286: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:37296: Red Hat Trusted Artifact Signer 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36105: multicluster engine for Kubernetes 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:36167: multicluster engine for Kubernetes 2.6\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-05-22T02:31:26.883Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-39828\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2480687\", \"name\": \"RHBZ#2480687\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39828.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36796\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36808\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26547\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36625\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36207\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26546\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36319\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36651\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36648\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37387\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36797\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37271\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37268\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37272\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37278\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37286\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:37296\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36105\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:36167\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-281\", \"description\": \"Improper Preservation of Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-10T12:05:42.948Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-39828\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-22T17:43:55.428395Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-22T17:44:14.299Z\"}}], \"cna\": {\"title\": \"Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh\", \"credits\": [{\"lang\": \"en\", \"value\": \"NCC Group Cryptography Services, sponsored by Teleport\"}], \"affected\": [{\"vendor\": \"golang.org/x/crypto\", \"product\": \"golang.org/x/crypto/ssh\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.52.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/crypto/ssh\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"connection.serverAuthenticate\"}, {\"name\": \"NewServerConn\"}]}], \"references\": [{\"url\": \"https://go.dev/issue/79562\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/a082jnz-LvI\"}, {\"url\": \"https://go.dev/cl/781621\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-5014\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-863: Incorrect Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-05-22T02:31:26.883Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-39828\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-10T12:05:42.948Z\", \"dateReserved\": \"2026-04-07T18:13:03.528Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-05-22T02:31:26.883Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:36319
Vulnerability from csaf_redhat - Published: 2026-07-07 15:06 - Updated: 2026-07-10 16:26A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The Verify() method, responsible for FIDO/U2F security key types, did not properly check for user presence. This allowed signatures to be accepted without requiring a physical touch on the hardware security key. As a result, an attacker could potentially use a hardware security key in an unattended manner, bypassing a critical security control designed to ensure user intent.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could send specially crafted inputs to the AES-GCM packet decoder. This could lead to an incorrectly placed cast from bytes to an integer, causing a server-side panic and resulting in a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36319",
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-12143",
"url": "https://access.redhat.com/security/cve/CVE-2026-12143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25681",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39831",
"url": "https://access.redhat.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39832",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46597",
"url": "https://access.redhat.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-53488",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9165",
"url": "https://access.redhat.com/security/cve/CVE-2026-9165"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-499_release-notes-49",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.9/html-single/release_notes/index#about-this-release-499_release-notes-49"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36319.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.9.9 security and bug fix update",
"tracking": {
"current_release_date": "2026-07-10T16:26:12+00:00",
"generator": {
"date": "2026-07-10T16:26:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36319",
"initial_release_date": "2026-07-07T15:06:01+00:00",
"revision_history": [
{
"date": "2026-07-07T15:06:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-07T15:06:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ace31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782290046"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ac11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3A8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ad58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ad055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ac8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Aaa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357116"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Ad68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782290046"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Aa2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Aa0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ab48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357116"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782290046"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Aa757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357116"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Afbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Aef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782290046"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Aac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Aedd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Aac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891812"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Abff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357116"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.9",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.9"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Moritz Clasmeier"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-9165",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-05-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "stackrox: stackrox: Unbounded GraphQL query depth allows authenticated denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue affecting RHACS Central. This flaw allows an authenticated user to reduce availability of the Central management component. Red Hat is not aware of malicious exploitation of this issue outside of coordinated testing. Updates addressing this issue will be released according to the RHACS support lifecycle. Refer to the associated errata when available for affected versions and update instructions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9165"
},
{
"category": "external",
"summary": "RHBZ#2480505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9165"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9165",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9165"
}
],
"release_date": "2026-07-06T08:38:30.568000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "There is no complete mitigation other than installing the update once\navailable.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "stackrox: stackrox: Unbounded GraphQL query depth allows authenticated denial of service"
},
{
"cve": "CVE-2026-12143",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-06-12T19:00:57.360953+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488480"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (\") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "form-data: form-data: Form field override via CRLF injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important impact flaw in the form-data library: a remote attacker can inject arbitrary headers or additional multipart parts via CRLF injection in field names or filenames, potentially overriding sensitive form fields and affecting data integrity.\n\nFor RHOAI and RHEL AI, severity is Moderate because affected versions appear only as a transitive npm dependency in RHOAI (dashboard, mod-arch plugins, MLflow UI) and RHEL AI 3.4 bootc images, and those products use fixed field names for uploads rather than passing untrusted user input as multipart field names or filenames. The documented exploit path is therefore not reachable in default deployments. Practical impact is limited to non-default or custom integrations that forward multipart requests using attacker-controlled field names.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-12143"
},
{
"category": "external",
"summary": "RHBZ#2488480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-12143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/93.html",
"url": "https://cwe.mitre.org/data/definitions/93.html"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435",
"url": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229",
"url": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045",
"url": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx",
"url": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx"
},
{
"category": "external",
"summary": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data",
"url": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/form-data",
"url": "https://www.npmjs.com/package/form-data"
}
],
"release_date": "2026-06-12T18:01:30.362000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Applications using the `form-data` library should implement strict input validation and sanitization for all field names and filenames derived from untrusted sources. This prevents the injection of control characters (CR, LF, \") that could lead to header injection or form field overrides. Deployments that exclusively use fixed or trusted field names are not impacted.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "form-data: form-data: Form field override via CRLF injection"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-25681",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-22T16:01:08.177603+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/net/html` could enable remote attackers to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution. The flaw allows specially crafted HTML to bypass input sanitization during parsing and rendering. Red Hat products are affected if they process untrusted HTML content using the vulnerable component without additional output encoding or robust content security policies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "RHBZ#2480761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://go.dev/cl/781703",
"url": "https://go.dev/cl/781703"
},
{
"category": "external",
"summary": "https://go.dev/issue/79574",
"url": "https://go.dev/issue/79574"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5029",
"url": "https://pkg.go.dev/vuln/GO-2026-5029"
}
],
"release_date": "2026-05-22T15:01:21.975000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "To mitigate this flaw, applications processing untrusted HTML input must implement strict input sanitization and ensure all output is properly encoded before rendering. Deploying a comprehensive Content Security Policy (CSP) can restrict script execution, further reducing the attack surface. Administrators should review application configurations to ensure adequate protection against XSS.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39831",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-05-22T04:01:12.861178+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480675"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The Verify() method, responsible for FIDO/U2F security key types, did not properly check for user presence. This allowed signatures to be accepted without requiring a physical touch on the hardware security key. As a result, an attacker could potentially use a hardware security key in an unattended manner, bypassing a critical security control designed to ensure user intent.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Security key bypass due to missing user presence check",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "RHBZ#2480675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480675"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39831",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39831"
},
{
"category": "external",
"summary": "https://go.dev/cl/781662",
"url": "https://go.dev/cl/781662"
},
{
"category": "external",
"summary": "https://go.dev/issue/79566",
"url": "https://go.dev/issue/79566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5019",
"url": "https://pkg.go.dev/vuln/GO-2026-5019"
}
],
"release_date": "2026-05-22T02:31:27.436000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Security key bypass due to missing user presence check"
},
{
"cve": "CVE-2026-39832",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:41.402561+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/crypto/ssh/agent` allows for a security bypass when SSH keys with destination restrictions are forwarded via an SSH agent. This flaw could lead to unintended exposure of SSH keys, enabling an attacker to use the forwarded key without the specified restrictions on remote hosts. Red Hat products utilizing `golang.org/x/crypto/ssh/agent` for key forwarding may be affected if users rely on constraint extensions for limiting key usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "RHBZ#2480685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://go.dev/cl/778642",
"url": "https://go.dev/cl/778642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79435",
"url": "https://go.dev/issue/79435"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5006",
"url": "https://pkg.go.dev/vuln/GO-2026-5006"
}
],
"release_date": "2026-05-22T02:31:26.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
},
{
"cve": "CVE-2026-46597",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"discovery_date": "2026-05-22T04:01:21.721980+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480678"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could send specially crafted inputs to the AES-GCM packet decoder. This could lead to an incorrectly placed cast from bytes to an integer, causing a server-side panic and resulting in a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted AES-GCM packet decoder inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in `golang.org/x/crypto/ssh` allows a remote attacker to trigger a server-side panic by sending specially crafted inputs to the AES-GCM packet decoder. This vulnerability could lead to service unavailability in Red Hat products that incorporate and expose SSH services built with the affected `golang.org/x/crypto/ssh` component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "RHBZ#2480678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46597",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46597"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46597",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46597"
},
{
"category": "external",
"summary": "https://go.dev/cl/781620",
"url": "https://go.dev/cl/781620"
},
{
"category": "external",
"summary": "https://go.dev/issue/79561",
"url": "https://go.dev/issue/79561"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5013",
"url": "https://pkg.go.dev/vuln/GO-2026-5013"
}
],
"release_date": "2026-05-22T02:31:26.754000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted AES-GCM packet decoder inputs"
},
{
"cve": "CVE-2026-53488",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-07-01T02:01:09.589815+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2495815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in containerd where the CRI plugin propagates labels from an image configuration (LABEL instruction in a Dockerfile) to a container without validation. This may result in executing an arbitrary command on the host via a plugin that consumes container labels for operations, such as the restart-monitor binary:// logger. An attacker who can cause a crafted container image to be pulled and run can achieve host-level code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "RHBZ#2495815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2495815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-53488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-53488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp"
}
],
"release_date": "2026-07-01T00:11:20.610000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-07T15:06:01+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36319"
},
{
"category": "workaround",
"details": "Restrict container image pulls to trusted registries using admission policies or image signature verification. Where containerd is used as the container runtime, disable or restrict the binary:// logger URI scheme in the containerd configuration to prevent the label-to-logger attack path.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:42ce9a730012343eec85c5b69eb163311580df4682de47ca435043dff92c2dda_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6204d3577ee741f812133ff2d88499c807aa3ad58432f3304c1a35fc112189fd_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:d68367f3f9e3e785b7cfbd1d03e7c9ddbf8aed846fd7ff2d0ac03413c63e51e1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:fbc7d9fa8d47d71146098bdbcf2932684466d48df2a9e71eb19e3bbe185eaa3c_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:13b23d3626a7c286bc04db231b9c826914c03c4c7a8bebf031d973ac03a8fc31_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7d8340d149a12f7340ba43a87d6df208eb607a0f579b25efd1360bbe3aafb2e5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ce31d01779b4a6e31d3ccc4aa50da2d5c5c40e01ed9d40327da6c41c0a486a2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ef34f9f1927d68839bf1433f6a2c4753edbaa7bc1df54ac491643a4687aac2bf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:48f1df601e96894b983b79cda2c10e1706b21056a3637b92a4b0e0c1f4cf0a19_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:a757f885d03f92b46077f763a2e3695428efca08d1d170a850f6f35112f66416_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ac4aeacd669e6acd8b6513ed2e2d7bf065c7dc5e7b94ad4fa6287babab054d14_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c11dd07b70d80f5705d62fdf5a0df3b20ef5bc124ed0ebb17d63e475a3970635_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:8580ba5ee1456d0def514182dbcd5b9d131e82c9e79a51ef1a44002891b1b3a0_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:2f654cd657b76268e96f48c805d98b6a01193d5472e3b770d8e76d79b5c05f3f_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:934b313047a61e8f78e1a8b17083c4b5ad85f658f1314993e36710ae5e525595_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:96c38c3f664be6d572f4c267861008387d72e4a51e9d3f6eb9c90dab0ff3dbdc_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a2a01dc772b7343f80be6f0df86143abbbddac487d39ff9dca91248879cfae3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:4333f349152fd58df6e05ebe890c360bea2cf6d09c38b51cc4b0628132f85438_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a0d6f0dba57d06ba8d1ba7e5527fac907ecfcabab5ed1df0af3e664f5f831709_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d58d334c4ac8b3ec12c25dda7bc0c54aa463f5c6ad072d019deb4bef0e4e0388_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:edd5d70d99d538af0d2e4e8af795670f9bf75db5f33d5916d8fe2338ad783f69_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3d1ad6886063f535a79ac17e37aa000255d7e609e964256e90a7105393f99524_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9b22d40703ae9073ce13aa8b50a2cac2976ec7641977a8a7b8c3a0c5b4c89e69_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9df1184a0d86761b2f9fe173a446da819c89b95fd4e7759fc13b8f6fd6d563b1_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ac2c3fa4bb41c9f5e6d6f8cc400a250206923a3d74d72c52d7c30664baabcaaf_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:597c40e984b4e6c8b39fd07e95116b33050c0119c8064e84ab32966db2b4c28f_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6030687a0992fe6c2bf15e4455aa0601061423fb20a0153b753712ec4c8b6b8e_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8fee28cec9066005086a5e9d2b77ec5b351463dd268f5a09176ee0b47ba7c09d_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8aa39c7c288e4ad2813b2cea30826c99c3e8e25cc1d43b9d3e5b5a95a663d56_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:08140a22a837cad3ce68d2e3f5cb07b103583befa64e4a1f90d348a67dd5e661_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:79603118166a758104b5e29d90b0d08a25c7797b7e10a0a0a7588325fe5a8796_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b48725f67d160b2d277f65b7f9d84bea0477ade659a4739616d68139f60799d5_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:d055d3d7d21c787ff41fce7ed08ee1185962be6f222469a85cce0c45c8375f46_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:0d114307f2e9c510e898c8d793d3e4c18d7d4ca38a6487a669e93c1880b500ae_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:3c4b50e375c8fabf7a259cc99cae49cddb2d46e671536975cee344e8d1880334_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4e24c3568384f62a6efefe5a97e3844c11530eb542131ad1ce6eec0aef236129_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:6e9d49feda9a820d4de114e859a327c2ed1798fb16f12a17832d890ff62eab80_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:47ed3feae50625198753e8b325cd1d9906b54446f731311004cba122113e3595_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:48b11cd33e443dc69a7d0d20d0119320b54d09bd47b54a4dda4a749c55ea9900_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6dcefd3e870252fd6c4589113af0880cd5df8644738ff558c8f3c89ef81563ec_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:8d32e8630408d08ac608edf7c5f3b11fea114bbda3ab0dd9a6360cdb2b6b1931_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0d7e7363ef60f1953fb01ffecdb40aa55b8bdef0ead60c7b1c76c2cae34749c7_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:865043d3b398721e1c82b798ee334418438f8ede5b6166517b76fb731aae2a59_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:aa5725b9a86e24ff3bd64a454f957b46be14d5adfd148a6927e5d7613ef7c64b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.9:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:bff84375341986d6c7c404dca01c5e1305daf9c7e01a2b13ba416487160fe841_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin"
}
]
}
RHSA-2026:36625
Vulnerability from csaf_redhat - Published: 2026-07-08 08:08 - Updated: 2026-07-10 16:26A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The Verify() method, responsible for FIDO/U2F security key types, did not properly check for user presence. This allowed signatures to be accepted without requiring a physical touch on the hardware security key. As a result, an attacker could potentially use a hardware security key in an unattended manner, bypassing a critical security control designed to ensure user intent.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could send specially crafted inputs to the AES-GCM packet decoder. This could lead to an incorrectly placed cast from bytes to an integer, causing a server-side panic and resulting in a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
A flaw was found in JavaScript Cookie (js-cookie). This vulnerability allows a remote attacker to manipulate cookie attributes by exploiting a prototype pollution issue within the `assign()` helper function. When processing specially crafted JSON input, the flaw enables an attacker to hijack the prototype of a cookie's attribute object. This allows the attacker to set sensitive cookie attributes such as `domain`, `secure`, `samesite`, `expires`, and `path`, potentially leading to security bypasses or session manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36625",
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-12143",
"url": "https://access.redhat.com/security/cve/CVE-2026-12143"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25681",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39831",
"url": "https://access.redhat.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39832",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46597",
"url": "https://access.redhat.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46625",
"url": "https://access.redhat.com/security/cve/CVE-2026-46625"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-53488",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-9165",
"url": "https://access.redhat.com/security/cve/CVE-2026-9165"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.10/html-single/release_notes/index#about-this-release-4105_release-notes-410",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.10/html-single/release_notes/index#about-this-release-4105_release-notes-410"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36625.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.10.5 security and bug fix update",
"tracking": {
"current_release_date": "2026-07-10T16:26:14+00:00",
"generator": {
"date": "2026-07-10T16:26:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36625",
"initial_release_date": "2026-07-08T08:08:13+00:00",
"revision_history": [
{
"date": "2026-07-08T08:08:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-08T08:08:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product": {
"name": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782187369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-fact-rhel8@sha256%3A41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8\u0026tag=1782356145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ac77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357140"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782187369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-fact-rhel8@sha256%3A1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8\u0026tag=1782356145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Afe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Aa0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ae7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ad048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357140"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782187369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Af4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ae723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357140"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Adc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Aafeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=1782187369"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Af8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Aeba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=1782891789"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=1783357140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=1783357140"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64 as a component of Red Hat Advanced Cluster Security for Kubernetes 4.10",
"product_id": "Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security for Kubernetes 4.10"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Moritz Clasmeier"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2026-9165",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2026-05-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Advanced Cluster Security for Kubernetes (RHACS). Central does not limit the depth of GraphQL queries served on the authenticated GraphQL API. An authenticated user with a valid API token can send deeply nested queries that cause excessive resource consumption in Central, resulting in a denial of service for the management plane.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "stackrox: stackrox: Unbounded GraphQL query depth allows authenticated denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security is aware of this issue affecting RHACS Central. This flaw allows an authenticated user to reduce availability of the Central management component. Red Hat is not aware of malicious exploitation of this issue outside of coordinated testing. Updates addressing this issue will be released according to the RHACS support lifecycle. Refer to the associated errata when available for affected versions and update instructions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-9165"
},
{
"category": "external",
"summary": "RHBZ#2480505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9165"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-9165",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9165"
}
],
"release_date": "2026-07-06T08:38:30.568000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "There is no complete mitigation other than installing the update once\navailable.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "stackrox: stackrox: Unbounded GraphQL query depth allows authenticated denial of service"
},
{
"cve": "CVE-2026-12143",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-06-12T19:00:57.360953+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488480"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in form-data, a library for creating readable multipart/form-data streams. A remote attacker can exploit this vulnerability by injecting carriage return (CR), line feed (LF), or double-quote (\") characters into the `field` argument of `FormData#append` or the `filename` option. This allows the attacker to inject additional headers or smuggle entire additional multipart parts into requests, potentially enabling them to add or override form fields and compromise data integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "form-data: form-data: Form field override via CRLF injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important impact flaw in the form-data library: a remote attacker can inject arbitrary headers or additional multipart parts via CRLF injection in field names or filenames, potentially overriding sensitive form fields and affecting data integrity.\n\nFor RHOAI and RHEL AI, severity is Moderate because affected versions appear only as a transitive npm dependency in RHOAI (dashboard, mod-arch plugins, MLflow UI) and RHEL AI 3.4 bootc images, and those products use fixed field names for uploads rather than passing untrusted user input as multipart field names or filenames. The documented exploit path is therefore not reachable in default deployments. Practical impact is limited to non-default or custom integrations that forward multipart requests using attacker-controlled field names.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-12143"
},
{
"category": "external",
"summary": "RHBZ#2488480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-12143",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-12143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12143"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/93.html",
"url": "https://cwe.mitre.org/data/definitions/93.html"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435",
"url": "https://github.com/form-data/form-data/commit/64190db548c0179e37206858e39f27cf513e9435"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229",
"url": "https://github.com/form-data/form-data/commit/be3f3cf553978bac15a5182f1f3c3d2d38ccf229"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045",
"url": "https://github.com/form-data/form-data/commit/c7133499c2ee1b80c678e411244f4442bf902045"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx",
"url": "https://github.com/form-data/form-data/security/advisories/GHSA-hmw2-7cc7-3qxx"
},
{
"category": "external",
"summary": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data",
"url": "https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#multipart-form-data"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/form-data",
"url": "https://www.npmjs.com/package/form-data"
}
],
"release_date": "2026-06-12T18:01:30.362000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Applications using the `form-data` library should implement strict input validation and sanitization for all field names and filenames derived from untrusted sources. This prevents the injection of control characters (CR, LF, \") that could lead to header injection or form field overrides. Deployments that exclusively use fixed or trusted field names are not impacted.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "form-data: form-data: Form field override via CRLF injection"
},
{
"cve": "CVE-2026-25681",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-05-22T16:01:08.177603+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480761"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution in applications that use the affected component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/net/html` could enable remote attackers to execute Cross-Site Scripting (XSS) attacks, potentially leading to arbitrary code execution. The flaw allows specially crafted HTML to bypass input sanitization during parsing and rendering. Red Hat products are affected if they process untrusted HTML content using the vulnerable component without additional output encoding or robust content security policies.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25681"
},
{
"category": "external",
"summary": "RHBZ#2480761",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480761"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25681"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25681"
},
{
"category": "external",
"summary": "https://go.dev/cl/781703",
"url": "https://go.dev/cl/781703"
},
{
"category": "external",
"summary": "https://go.dev/issue/79574",
"url": "https://go.dev/issue/79574"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5029",
"url": "https://pkg.go.dev/vuln/GO-2026-5029"
}
],
"release_date": "2026-05-22T15:01:21.975000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "To mitigate this flaw, applications processing untrusted HTML input must implement strict input sanitization and ensure all output is properly encoded before rendering. Deploying a comprehensive Content Security Policy (CSP) can restrict script execution, further reducing the attack surface. Administrators should review application configurations to ensure adequate protection against XSS.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39831",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-05-22T04:01:12.861178+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480675"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The Verify() method, responsible for FIDO/U2F security key types, did not properly check for user presence. This allowed signatures to be accepted without requiring a physical touch on the hardware security key. As a result, an attacker could potentially use a hardware security key in an unattended manner, bypassing a critical security control designed to ensure user intent.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Security key bypass due to missing user presence check",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "RHBZ#2480675",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480675"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39831",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39831"
},
{
"category": "external",
"summary": "https://go.dev/cl/781662",
"url": "https://go.dev/cl/781662"
},
{
"category": "external",
"summary": "https://go.dev/issue/79566",
"url": "https://go.dev/issue/79566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5019",
"url": "https://pkg.go.dev/vuln/GO-2026-5019"
}
],
"release_date": "2026-05-22T02:31:27.436000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Security key bypass due to missing user presence check"
},
{
"cve": "CVE-2026-39832",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:41.402561+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/crypto/ssh/agent` allows for a security bypass when SSH keys with destination restrictions are forwarded via an SSH agent. This flaw could lead to unintended exposure of SSH keys, enabling an attacker to use the forwarded key without the specified restrictions on remote hosts. Red Hat products utilizing `golang.org/x/crypto/ssh/agent` for key forwarding may be affected if users rely on constraint extensions for limiting key usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "RHBZ#2480685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://go.dev/cl/778642",
"url": "https://go.dev/cl/778642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79435",
"url": "https://go.dev/issue/79435"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5006",
"url": "https://pkg.go.dev/vuln/GO-2026-5006"
}
],
"release_date": "2026-05-22T02:31:26.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
},
{
"cve": "CVE-2026-46597",
"cwe": {
"id": "CWE-681",
"name": "Incorrect Conversion between Numeric Types"
},
"discovery_date": "2026-05-22T04:01:21.721980+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480678"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could send specially crafted inputs to the AES-GCM packet decoder. This could lead to an incorrectly placed cast from bytes to an integer, causing a server-side panic and resulting in a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted AES-GCM packet decoder inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important denial of service flaw in `golang.org/x/crypto/ssh` allows a remote attacker to trigger a server-side panic by sending specially crafted inputs to the AES-GCM packet decoder. This vulnerability could lead to service unavailability in Red Hat products that incorporate and expose SSH services built with the affected `golang.org/x/crypto/ssh` component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "RHBZ#2480678",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480678"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46597",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46597"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46597",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46597"
},
{
"category": "external",
"summary": "https://go.dev/cl/781620",
"url": "https://go.dev/cl/781620"
},
{
"category": "external",
"summary": "https://go.dev/issue/79561",
"url": "https://go.dev/issue/79561"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5013",
"url": "https://pkg.go.dev/vuln/GO-2026-5013"
}
],
"release_date": "2026-05-22T02:31:26.754000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted AES-GCM packet decoder inputs"
},
{
"cve": "CVE-2026-46625",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-06-10T22:01:17.685570+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in JavaScript Cookie (js-cookie). This vulnerability allows a remote attacker to manipulate cookie attributes by exploiting a prototype pollution issue within the `assign()` helper function. When processing specially crafted JSON input, the flaw enables an attacker to hijack the prototype of a cookie\u0027s attribute object. This allows the attacker to set sensitive cookie attributes such as `domain`, `secure`, `samesite`, `expires`, and `path`, potentially leading to security bypasses or session manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "js-cookie: JavaScript Cookie: Cookie attribute manipulation via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46625"
},
{
"category": "external",
"summary": "RHBZ#2487740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46625",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46625"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46625",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46625"
},
{
"category": "external",
"summary": "https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020",
"url": "https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020"
},
{
"category": "external",
"summary": "https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7",
"url": "https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7"
},
{
"category": "external",
"summary": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j",
"url": "https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j"
}
],
"release_date": "2026-06-10T21:18:05.372000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "js-cookie: JavaScript Cookie: Cookie attribute manipulation via prototype pollution"
},
{
"cve": "CVE-2026-53488",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2026-07-01T02:01:09.589815+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2495815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in containerd, an open-source container runtime. The Container Runtime Interface (CRI) plugin, which manages container operations, fails to validate labels propagated from an image configuration to a container. This oversight could enable an attacker to execute arbitrary commands on the host system through a plugin that processes these unvalidated labels. The primary impact is host-root command execution, allowing unauthorized control over the underlying system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in containerd where the CRI plugin propagates labels from an image configuration (LABEL instruction in a Dockerfile) to a container without validation. This may result in executing an arbitrary command on the host via a plugin that consumes container labels for operations, such as the restart-monitor binary:// logger. An attacker who can cause a crafted container image to be pulled and run can achieve host-level code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-53488"
},
{
"category": "external",
"summary": "RHBZ#2495815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2495815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-53488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-53488"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-53488"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp"
}
],
"release_date": "2026-07-01T00:11:20.610000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T08:08:13+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36625"
},
{
"category": "workaround",
"details": "Restrict container image pulls to trusted registries using admission policies or image signature verification. Where containerd is used as the container runtime, disable or restrict the binary:// logger URI scheme in the containerd configuration to prevent the label-to-logger attack path.",
"product_ids": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:05dd53e6127b9002119c9b45837f57a741aaee7675274f97bd23c85303b24c95_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:5b5d026bb7988e258bb10d548eae2ee330f84d30be79adee00cf2646968dbaeb_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:81e9b12f2153706baceb7c05154ecb69a6c9b225130e80d20a595a91f7bc8742_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:dc3c7562e7246813f0e75f63e01af32a95abb31efc3238f01ddcaa5df483b678_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:26d4969c21b234219e20ede1b3df08fdb1250f39239f8365978d6d0002668eee_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:4dae34a8dd2a3f84345fa73aa71b5d4c30629cce316973ec14e95cbcb6e249d6_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:74b47f404add83156bb601dd0b3284bf8d7e8de297f950ff00b5f18fb16c5c86_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:afeab885aca2c2b4a3794c1f342bb1c802616546709c11d2466fe664e0b0a5e5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:1f4439c3f97d81af59c66d0e9b4664925ca256ebf5cc14bedf21003b6fe30b2d_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-fact-rhel8@sha256:41cd92ebb4492161a0a2d9cd9afe8ba2a587aa63ce4fdf43d9c5f1e8705ac0e9_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:065e6e08945d72964d3b73022b8a6cdaed69ac283cdd7ae462bfd54d835ecb79_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:5b958f96a409088346cc452d16cff16f1ed0d11f28a1443449badc5081bedc69_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:85f541d097073ced436033f3b28775941b75aaa64ac38e9377b874ff3690344b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe461141cb449e05b18df94128ada9a2ee4b283e72455cd1b4360d7a2a57ba84_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:c77fd69d41cb6f1f2abd0099cb41758eadf4e96d7b1a979473232bd80788b1e4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:42ff0f634c6a3e4785ebcc9d08e792bdc86bcf53a5f1cadc915a2b02b393a197_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:a0642aac46c7f16bdf83827086151f23b0e23880b316f710bdd2f5d09eae5e46_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c5dcb00a4e0d0966b2438e427933963f3a25c3e84aeb9897c620a6cc0ad055af_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c8c8dbdda50c4db77f0ea2d011933badf07a8e7318c5b6a29b352fc342ce55f6_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:223bf9ac4c07796f59dfe5b5b4da73d755b6ae121c48514d9684ba1b65785630_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:49159080ea7587469f0ad688f9b53d5b5f8e028006031d0371eca9a03d401e3c_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:646bde20707db278d3e33a6dfad485699d0b3b9445d894d487a373cb3d56bdcb_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f8457cf58c1a2b220a033b7b324cbb9f2173e10f8a32c35ff802fbdbadcd50bc_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8cf28b9b4d7d9ebc615bd5f20630043abe461b4d047162a92287711c3822eee9_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9f15ca532778d22bd840bb5b51ee8548c8a3fa991097e8d71899d1537b4c8387_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:eba8efa8ec40900d549d5e8071bf24ab41afcafb11b4c17d67c494c8c9f435a0_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f4a75a14e1d78a9d4fbcda5ea214395e66938a313cb1a07dd39808866992a594_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:5a90532680985ba06e52625661ff66045dbdae81c4193103ef09a9eab051acf5_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:86d8078be89cae8446bb15822cc16957aa7dce2c67425e6117df393480af3e41_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:94adcb77707adf13d73da54cb5762aea54a48b954f357a281f459afed4df7ab4_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e7d2cb6dd9a1240674ecb8d5eae262486d95de604f2d64e61e59b9bed9cae34a_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:137e687ec8b4b32b30e7de5825fa12c428b094fb9c37c239b4ef07e7953e7614_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7c8c3bbf81a3c4ad1d1147cd994df15e4936ba5db19fe74f8ada73115d2d5683_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:85ef92ca0b10f88e3bd660cdb2d99a08fc6166853a33b536b8d3e7b19514ee95_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:9ac38c23ef57028641ab30028677a5cc9c2bd5054dcf9dab72c3718b505d8ea3_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1f6e034c6871773f5f971dc4398f8416d83f1b745b528c61b458adad92614674_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:48d73e0709966f458056cbc9cd3eed19fb4483a597741f0fd538e36b92aa3233_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:75684c065067bde2c78f6731eabf2690e49e25793b07ce87f21d5d8fe89c9dd6_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d048c2c56706612f38e3dbea04a8a3955ea1636b41ef3375086029950acc2fed_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:07521ebbd400ffe370c41391de255e771c82cc75f560adea2e4a2ad3f40b8a26_arm64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:57ff8c1f0a4168d757387058de77a31cc9717874d43df52bdaf763897558f38b_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:98b6c35b2f0a2cef0b110c358437bb610ba816b0902855760f8dda5eeade190b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e723ebdd59310426f51ce0cd77c72d1d2cb8e223b14d7f889f8c232356250645_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0646898c9896dfbd9151bc917670f5182879168a1e144013cefd1cc637997f2b_amd64",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:139cb19312fe9b601be3828f0f36bf73499f39f26d417805389ffa335da43714_s390x",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:2507fd8df47313f86ca76070b33dc310b60540a840e664157a1d7e9c0292495c_ppc64le",
"Red Hat Advanced Cluster Security for Kubernetes 4.10:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4c044273406544274c30d2406071a216a6e9986c836a1dc57a5d04526bf31530_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin"
}
]
}
RHSA-2026:36648
Vulnerability from csaf_redhat - Published: 2026-07-08 09:20 - Updated: 2026-07-10 16:26A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources via the tekton-scheduler-role ClusterRole. When Kueue or cert-manager CRDs are present on the cluster, any authenticated user can disrupt workload scheduling, tamper with scheduling priorities, delete other tenants' Workload objects, or induce cert-manager to overwrite TLS Secrets including the default ingress controller certificate.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Workaround
|
A flaw was found in the `crypto/x509` package of `golang`. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name (SAN) entries. The certificate verification process, specifically the `VerifyHostname` function, incurs excessive computational overhead due to repeated string operations when processing these entries. This can lead to a significant performance degradation or unresponsiveness of systems validating such certificates.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Workaround
|
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/agent. The NewKeyring() function, which creates an in-memory keyring, failed to enforce the ConfirmBeforeUse constraint on keys. This allowed keys configured to require user confirmation before use to perform signing operations without any prompt or indication to the user. Consequently, an attacker could potentially bypass intended security controls, leading to unauthorized cryptographic signing actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Builds 1.7.4",
"title": "Topic"
},
{
"category": "general",
"text": "Releases of Red Hat OpenShift Builds 1.7.4",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36648",
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-10840",
"url": "https://access.redhat.com/security/cve/CVE-2026-10840"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27145",
"url": "https://access.redhat.com/security/cve/CVE-2026-27145"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39832",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39833",
"url": "https://access.redhat.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42508",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46595",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/builds_for_red_hat_openshift/1.7",
"url": "https://docs.redhat.com/en/documentation/builds_for_red_hat_openshift/1.7"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36648.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Builds 1.7.4",
"tracking": {
"current_release_date": "2026-07-10T16:26:21+00:00",
"generator": {
"date": "2026-07-10T16:26:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36648",
"initial_release_date": "2026-07-08T09:20:18+00:00",
"revision_history": [
{
"date": "2026-07-08T09:20:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-08T09:20:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Builds 1.7.4",
"product": {
"name": "Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_builds:1.7::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Builds"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel9@sha256%3A0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9\u0026tag=1783057515"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel9@sha256%3Acebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9\u0026tag=1783057529"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel9@sha256%3A64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9\u0026tag=1783057884"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel9@sha256%3A992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9\u0026tag=1783058067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator\u0026tag=1783341609"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-operator-bundle@sha256%3A24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-operator-bundle\u0026tag=1783413402"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-rhel9@sha256%3A37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9\u0026tag=1783334059"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-webhook-rhel9@sha256%3Ac472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9\u0026tag=1783333779"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel9@sha256%3A7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9\u0026tag=1783057868"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel9@sha256%3A6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9\u0026tag=1783058284"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel9@sha256%3A09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9\u0026tag=1783057515"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel9@sha256%3Aa18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9\u0026tag=1783057529"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel9@sha256%3A8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9\u0026tag=1783057884"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel9@sha256%3Acf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9\u0026tag=1783058067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator\u0026tag=1783341609"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-rhel9@sha256%3A0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9\u0026tag=1783334059"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-webhook-rhel9@sha256%3A2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9\u0026tag=1783333779"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel9@sha256%3Ab2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9\u0026tag=1783057868"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel9@sha256%3Abe7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9\u0026tag=1783058284"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel9@sha256%3A59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9\u0026tag=1783057515"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel9@sha256%3A2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9\u0026tag=1783057529"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel9@sha256%3Accf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9\u0026tag=1783057884"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel9@sha256%3A7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9\u0026tag=1783058067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator\u0026tag=1783341609"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-rhel9@sha256%3A98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9\u0026tag=1783334059"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-webhook-rhel9@sha256%3Afa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9\u0026tag=1783333779"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel9@sha256%3Afecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9\u0026tag=1783057868"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel9@sha256%3A92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9\u0026tag=1783058284"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-controller-rhel9@sha256%3Aaf26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9\u0026tag=1783057515"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-git-cloner-rhel9@sha256%3A0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9\u0026tag=1783057529"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-bundler-rhel9@sha256%3Aa473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9\u0026tag=1783057884"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-image-processing-rhel9@sha256%3Aa80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9\u0026tag=1783058067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-rhel9-operator@sha256%3A189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator\u0026tag=1783341609"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-rhel9@sha256%3A626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9\u0026tag=1783334059"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-shared-resource-webhook-rhel9@sha256%3Ad3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9\u0026tag=1783333779"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-waiters-rhel9@sha256%3Aaef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9\u0026tag=1783057868"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"product": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"product_id": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-builds-webhook-rhel9@sha256%3A4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876?arch=s390x\u0026repository_url=registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9\u0026tag=1783058284"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64 as a component of Red Hat OpenShift Builds 1.7.4",
"product_id": "Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
},
"product_reference": "registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Builds 1.7.4"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Christopher Lusk"
],
"organization": "North Echo Security Research"
}
],
"cve": "CVE-2026-10840",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"discovery_date": "2026-04-25T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2484720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources via the tekton-scheduler-role ClusterRole. When Kueue or cert-manager CRDs are present on the cluster, any authenticated user can disrupt workload scheduling, tamper with scheduling priorities, delete other tenants\u0027 Workload objects, or induce cert-manager to overwrite TLS Secrets including the default ingress controller certificate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openshift-pipelines-operator-rh: openshift-pipelines-operator: tekton-scheduler-rolebinding grants system:authenticated write access to Kueue and cert-manager resources",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the OpenShift Pipelines operator where the `tekton-scheduler-rolebinding` grants `system:authenticated` users cluster-wide write access to Kueue and cert-manager resources. This allows any authenticated user to disrupt workload scheduling, manipulate priorities, delete Workload objects, or may overwrite TLS Secrets, such as the default ingress controller certificate, by leveraging cert-manager\u0027s privileges. The vulnerable RBAC objects are deployed regardless of whether the Tekton Scheduler feature is enabled.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-10840"
},
{
"category": "external",
"summary": "RHBZ#2484720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2484720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-10840",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-10840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-10840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10840"
}
],
"release_date": "2026-04-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "If the Tekton Scheduler feature is not in use, administrators can mitigate this by patching the ClusterRoleBinding to reference a specific ServiceAccount instead of system:authenticated:\n\noc patch clusterrolebinding tekton-scheduler-rolebinding --type=merge -p \u0027{\"subjects\": [{\"kind\": \"ServiceAccount\", \"name\": \"openshift-pipelines-operator\", \"namespace\": \"openshift-operators\"}]}\u0027\n\nIMPORTANT: The OpenShift Pipelines operator\u0027s reconciliation loop may revert this manual patch. Verify that the operator does not reconcile this binding back to system:authenticated after applying the mitigation. If it does, scale down the operator deployment or configure the operator to skip reconciliation of this object.\n\nAlternatively, the ClusterRoleBinding can be deleted if the Tekton Scheduler is not enabled.",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openshift-pipelines-operator-rh: openshift-pipelines-operator: tekton-scheduler-rolebinding grants system:authenticated write access to Kueue and cert-manager resources"
},
{
"cve": "CVE-2026-27145",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-06-02T23:01:08.992540+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2484207"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package of `golang`. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name (SAN) entries. The certificate verification process, specifically the `VerifyHostname` function, incurs excessive computational overhead due to repeated string operations when processing these entries. This can lead to a significant performance degradation or unresponsiveness of systems validating such certificates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in the Go standard library crypto/x509 package. When verifying a TLS certificate hostname, VerifyHostname processed each DNS Subject Alternative Name (SAN) entry in a loop and repeatedly split the candidate hostname on \".\" characters. For certificates with a very large DNS SAN list, CPU use could grow quadratically with the number of SAN entries and hostname labels. Because hostname verification runs before the certificate chain is built, this overhead can occur even when the certificate is not trusted.\n\nRed Hat rates this issue as Important. It affects Red Hat products that include the Go standard library crypto/x509 code from an affected Go toolchain version (before Go 1.25.11, or from Go 1.26.0 through Go 1.26.3). Applications and container images built with a fixed Go release (1.25.11 or later, or 1.26.4 or later) are not affected. Community distributions such as Fedora are also affected.\n\nUpstream fix: Go 1.25.11 and Go 1.26.4 (GO-2026-5037).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27145"
},
{
"category": "external",
"summary": "RHBZ#2484207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2484207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27145",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27145"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27145",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27145"
},
{
"category": "external",
"summary": "https://go.dev/cl/783621",
"url": "https://go.dev/cl/783621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79694",
"url": "https://go.dev/issue/79694"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw",
"url": "https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5037",
"url": "https://pkg.go.dev/vuln/GO-2026-5037"
}
],
"release_date": "2026-06-02T22:01:36.954000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "A flaw was found in the Go standard library crypto/x509 package. When verifying a TLS certificate hostname, VerifyHostname processed each DNS Subject Alternative Name (SAN) entry in a loop and repeatedly split the candidate hostname on \".\" characters. For certificates with a very large DNS SAN list, CPU use could grow quadratically with the number of SAN entries and hostname labels. Because hostname verification runs before the certificate chain is built, this overhead can occur even when the certificate is not trusted.\n\nRed Hat rates this issue as Important. It affects Red Hat products that include the Go standard library crypto/x509 code from an affected Go toolchain version (before Go 1.25.11, or from Go 1.26.0 through Go 1.26.3). Applications and container images built with a fixed Go release (1.25.11 or later, or 1.26.4 or later) are not affected. Community distributions such as Fedora are also affected.\n\nUpstream fix: Go 1.25.11 and Go 1.26.4 (GO-2026-5037).",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39832",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:41.402561+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/crypto/ssh/agent` allows for a security bypass when SSH keys with destination restrictions are forwarded via an SSH agent. This flaw could lead to unintended exposure of SSH keys, enabling an attacker to use the forwarded key without the specified restrictions on remote hosts. Red Hat products utilizing `golang.org/x/crypto/ssh/agent` for key forwarding may be affected if users rely on constraint extensions for limiting key usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "RHBZ#2480685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://go.dev/cl/778642",
"url": "https://go.dev/cl/778642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79435",
"url": "https://go.dev/issue/79435"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5006",
"url": "https://pkg.go.dev/vuln/GO-2026-5006"
}
],
"release_date": "2026-05-22T02:31:26.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions"
},
{
"cve": "CVE-2026-39833",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2026-05-22T04:01:35.714593+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480683"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. The NewKeyring() function, which creates an in-memory keyring, failed to enforce the ConfirmBeforeUse constraint on keys. This allowed keys configured to require user confirmation before use to perform signing operations without any prompt or indication to the user. Consequently, an attacker could potentially bypass intended security controls, leading to unauthorized cryptographic signing actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this issue as Moderate with RH CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N). A flaw was found in golang.org/x/crypto/ssh/agent where the in-memory keyring returned by NewKeyring() silently accepted SSH agent keys with the ConfirmBeforeUse constraint but did not enforce interactive confirmation before signing. Exploitation requires local access and low privileges on a system where an affected application uses NewKeyring() with ConfirmBeforeUse. Most Red Hat products that bundle golang.org/x/crypto do not use the ssh/agent ConfirmBeforeUse feature in their supported execution paths. The upstream CISA CVSS 9.1 assumes a broader network attack context that does not reflect Red Hat product deployment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "RHBZ#2480683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39833",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39833"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39833",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39833"
},
{
"category": "external",
"summary": "https://go.dev/cl/778640",
"url": "https://go.dev/cl/778640"
},
{
"category": "external",
"summary": "https://go.dev/cl/778641",
"url": "https://go.dev/cl/778641"
},
{
"category": "external",
"summary": "https://go.dev/issue/79436",
"url": "https://go.dev/issue/79436"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5005",
"url": "https://pkg.go.dev/vuln/GO-2026-5005"
}
],
"release_date": "2026-05-22T02:31:26.294000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "Update affected Go applications to use golang.org/x/crypto version 0.52.0 or later, which rejects unsupported ConfirmBeforeUse keys instead of silently ignoring the constraint. As a workaround, do not add keys with ConfirmBeforeUse to the in-memory keyring from golang.org/x/crypto/ssh/agent, or use an SSH agent implementation that correctly enforces confirm-before-use.",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42508",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-22T04:01:49.515058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480688"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in `golang.org/x/crypto/ssh/knownhosts` allows a remote attacker to bypass security checks. This vulnerability arises because the system fails to properly verify the revocation status of a Certificate Authority (CA) `SignatureKey`. In Red Hat environments, this could enable an attacker to present a revoked key, leading to its acceptance as valid and potentially granting unauthorized access or facilitating the spoofing of legitimate entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "RHBZ#2480688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42508",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42508"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://go.dev/cl/781220",
"url": "https://go.dev/cl/781220"
},
{
"category": "external",
"summary": "https://go.dev/issue/79568",
"url": "https://go.dev/issue/79568"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5021",
"url": "https://pkg.go.dev/vuln/GO-2026-5021"
}
],
"release_date": "2026-05-22T02:31:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey"
},
{
"cve": "CVE-2026-46595",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-22T04:01:52.215134+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/crypto/ssh is vulnerable to authorization bypass when SSH server configurations rely on source-address validation alongside non-public-key authentication callbacks. An attacker with low privileges who can authenticate through such a callback path may bypass intended source-address restrictions and gain unauthorized SSH access. Red Hat impact sits in services built with affected x/crypto/ssh, including RHEL golang streams, hummingbird Go toolchains, RHACM/MCE agents, and OpenShift or Ceph components that embed Go SSH servers with mixed callback types.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "RHBZ#2480689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://go.dev/cl/781642",
"url": "https://go.dev/cl/781642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79570",
"url": "https://go.dev/issue/79570"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5023",
"url": "https://pkg.go.dev/vuln/GO-2026-5023"
}
],
"release_date": "2026-05-22T02:31:27.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T09:20:18+00:00",
"details": "It is recommended that existing users of Red Hat OpenShift Builds 1.7.3 upgrade to 1.7.4",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36648"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended.",
"product_ids": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:09fdae42b81088e67a3f29e32ac980d57652d8ddbe9665b86aab69b37a4327bd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:0ef830a815d07df60291e9c7b89a03dd40c0ceabfc3071f1fe188575f65a0542_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:59bc241a2a06804393a63785eeb8f0a8165a99263f08e0ffc3e727671c214114_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-controller-rhel9@sha256:af26444b2b45eb9c726b8d0cc92f023c4f4e52c9fb839198ad862d6513e2683f_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:0a189209a84ceddfbbfdba58e43fe94b5ddd211982a58a0929eb9997d3bf585a_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:2d8b7f64fa620bfce0130c52b977942ec9118fafddc9c090994609ab274df00c_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:a18b4c58e2b285058541b77a47d6482a9db6be58756651df3b3c648548a44f8e_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9@sha256:cebcaaef5272faa6e6f147eeb966803b7cb3d3fbc86514132f6ad2e8b51e4557_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:64c957565dd799994cab0828a9c1169c128ca20e8b103af6b6ac2f422077e322_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:8c8aa38871ee6d945a186d0e3a7b129bafd08d53e52278e1eb6d8011491240dd_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:a473e11982fd3d970a3e28d7e103ee40fd50217cb0de7028edfae345c34bcbc0_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-bundler-rhel9@sha256:ccf2448519c0998d9843fa570f128f420326e849c8c69dd3c5b526c3444d9f50_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:7bda73fcb94b412a8799bd11915066b07ed341fed2cd0ab81776f4c601926b54_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:992588aab0cfe3ec909418e827ca46828d0a07d9e3e1479fed437c9c445d7ff0_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:a80038bcbb994457fda1443b37dee5fbe66bbb02972b38139a9877e978c73835_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-image-processing-rhel9@sha256:cf2318bcce1f1a565bcfdb722d89e0ddb2e88a523db237e926def3934add78e5_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-operator-bundle@sha256:24c95ad401a653c88d072a7753052850cfa6738686ce9aec7ba5f6fcbc92e7fc_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:189d8de6e11f86cd47891d2268c2a91134a6fe617ecbbc433dda7a7f68519421_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:61007260c34ec5113e4286f679a5377c64fb6ad934aee5de6928f4c06c54e969_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:779614a189b230b5c78cd28e360d9e7fabb519aef73a5acacb26b3c26716c68d_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-rhel9-operator@sha256:898bf1c9ee31508ffb2d72deaa97f0b02639e22063788448bbe55f5b98d8db7b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:0a2acfdea8fb6b49a6117d8914e9ae56bc4668ce882131a47923fc0c7ab7c6b6_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:37415ef53ed46fcc1fd8010da38f13ffc9015f8435306b7dcf16bb3ed117083b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:626527f0b4701d00b845c8bca201f81756a0577a555447ea90b8903b0f968e12_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-rhel9@sha256:98ad870b2929bc5db27a7cf0f9f0791f82d6889673ce7d102838616c466af612_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:2d1e27a8dc06bc78b251796816e89ff0ad7ee91ccd9077db47d245fb5ae5d291_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:c472058fc730b6ea6d064cd77dfa583340976209afe109fee9296012f02df66f_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:d3ca3c7f85c104a6ae087dccd37e328e1cdeb5b93a880b48e1f2c99c015fd101_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-shared-resource-webhook-rhel9@sha256:fa3f9534ea19d8828c2342b3557f652196aec37552fa49e83af6dd1b0c356d69_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:7bfbb56d32556a602f9bbe422ea0a583e7e79e0de7503ce362962b3ffc5e5d62_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:aef0c6d237fba5ce37a219b78da4e7c566c6de1d37a9fcd0529c514322f09e77_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:b2361437d1f6d5ee61b23867ea903668f611f76cc76142713785b2faa00fcd63_arm64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-waiters-rhel9@sha256:fecc167995f30887629cd176971af5f7b3cb1cc377f8e3a329008e83133e8361_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:4570de210e87e6d64af57fe4ecb072e732365e62e7a23c3b1a8c04cf508bc876_s390x",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:6d070525b6e7b75f61f2999dac4dbcbc6fda96c882a17978e7bf8edbc008847b_amd64",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:92ee83df52ef773c4bcad66c277f608832de60b2bd00adb41fb877e33040077b_ppc64le",
"Red Hat OpenShift Builds 1.7.4:registry.redhat.io/openshift-builds/openshift-builds-webhook-rhel9@sha256:be7f5c4ca3cbba8944f0c275ccf847b701c6ae7a25052272fb80d8144f61fc9c_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation"
}
]
}
RHSA-2026:36651
Vulnerability from csaf_redhat - Published: 2026-07-08 10:08 - Updated: 2026-07-10 16:38A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Workaround
|
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Workaround
|
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Workaround
|
A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI's intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Workaround
|
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Workaround
|
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Workaround
|
A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Workaround
|
A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — | ||
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Edge Manager Version 1.0.3 Security Update",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Edge Manager (RHEM) provides simple, scalable, and security-focused\nmanagement of edge devices and applications. It supports image-mode RHEL and\ncontainer workloads that run on Podman/Docker or Kubernetes.\n\nRHEM is now available as a standalone feature, providing greater flexibility for\nedge deployments. In addition to the standalone version, RHEM continues to be\noffered as a plugin for the following platforms:\n\n* Red Hat Advanced Cluster Management (RHACM): Extends fleet management to edge\ndevices.\n* Red Hat Ansible Automation Platform (AAP): Integrates edge management with\nAnsible automation.\n\nThis integration enables organizations to optimize the management and\norchestration of their fleets of edge devices; whether its thousands of\ndispersed retail point-of-sale systems or industrial machinery on remote factory\nfloors.\n\nValue for customers and partners:\n\n* This solution not only helps customers manage thousands of devices but helps\nscale operations.\n* To manage large-scale deployments, customers need to be able to integrate with\ntheir existing management systems, support remote configuration and over-the-air\nupdates, and collect telemetry data for advanced analytics.\n* Red Hat Edge Manager offers a simple and security-focused lifecycle\nmanagement, from onboarding to decommissioning of edge devices.\n\nThis complete end-to-end solution empowers organizations to gain the most value\nfrom the fleets of devices that generate data, all from a centralized location.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36651",
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13465",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69873",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22029",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32141",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33810",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39832",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42151",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42154",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42508",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46595",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4800",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4926",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-6322",
"url": "https://access.redhat.com/security/cve/CVE-2026-6322"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html-single/edge_manager/index#edge-mgr-intro",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html-single/edge_manager/index#edge-mgr-intro"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/managing_device_fleets_with_the_red_hat_edge_manager/assembly-edge-manager-intro",
"url": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/managing_device_fleets_with_the_red_hat_edge_manager/assembly-edge-manager-intro"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36651.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Edge Manager Version 1.0.3 Security Update",
"tracking": {
"current_release_date": "2026-07-10T16:38:46+00:00",
"generator": {
"date": "2026-07-10T16:38:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36651",
"initial_release_date": "2026-07-08T10:08:44+00:00",
"revision_history": [
{
"date": "2026-07-08T10:08:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-08T10:08:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:38:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Edge Manager 1.0",
"product": {
"name": "Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:edge_manager:1.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Edge Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-alert-exporter-rhel9@sha256%3A7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-alert-exporter-rhel9\u0026tag=1783502022"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-alertmanager-proxy-rhel9@sha256%3A9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9\u0026tag=1783502465"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-api-rhel9@sha256%3A5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-api-rhel9\u0026tag=1783502025"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-cli-artifacts-rhel9@sha256%3A3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9\u0026tag=1783502494"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-db-setup-rhel9@sha256%3A0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-db-setup-rhel9\u0026tag=1783502401"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-pam-issuer-rhel9@sha256%3A6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-pam-issuer-rhel9\u0026tag=1783502403"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-periodic-rhel9@sha256%3Ab0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-periodic-rhel9\u0026tag=1783502022"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-telemetry-gateway-rhel9@sha256%3A51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9\u0026tag=1783502023"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-ui-rhel9@sha256%3Af1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-ui-rhel9\u0026tag=1783502438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-ui-ocp-rhel9@sha256%3A5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-ui-ocp-rhel9\u0026tag=1783502765"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-userinfo-proxy-rhel9@sha256%3Aceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9\u0026tag=1783502029"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"product_id": "registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-worker-rhel9@sha256%3A11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79?arch=amd64\u0026repository_url=registry.redhat.io/rhem/flightctl-worker-rhel9\u0026tag=1783502445"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-alert-exporter-rhel9@sha256%3Abb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-alert-exporter-rhel9\u0026tag=1783502022"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-alertmanager-proxy-rhel9@sha256%3Ae4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9\u0026tag=1783502465"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-api-rhel9@sha256%3Afb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-api-rhel9\u0026tag=1783502025"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-cli-artifacts-rhel9@sha256%3Ac9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9\u0026tag=1783502494"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-db-setup-rhel9@sha256%3A84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-db-setup-rhel9\u0026tag=1783502401"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-pam-issuer-rhel9@sha256%3A225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-pam-issuer-rhel9\u0026tag=1783502403"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-periodic-rhel9@sha256%3A0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-periodic-rhel9\u0026tag=1783502022"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-telemetry-gateway-rhel9@sha256%3Aaba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9\u0026tag=1783502023"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-ui-rhel9@sha256%3Ae75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-ui-rhel9\u0026tag=1783502438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-ui-ocp-rhel9@sha256%3Ae8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-ui-ocp-rhel9\u0026tag=1783502765"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-userinfo-proxy-rhel9@sha256%3A636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9\u0026tag=1783502029"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64",
"product": {
"name": "registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64",
"product_id": "registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64",
"product_identification_helper": {
"purl": "pkg:oci/flightctl-worker-rhel9@sha256%3A4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395?arch=arm64\u0026repository_url=registry.redhat.io/rhem/flightctl-worker-rhel9\u0026tag=1783502445"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64 as a component of Red Hat Edge Manager 1.0",
"product_id": "Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
},
"product_reference": "registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64",
"relates_to_product_reference": "Red Hat Edge Manager 1.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2025-69873",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-11T19:01:32.953264+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439070"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ajv: ReDoS via $data reference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, the $data option must be enabled and the attacker needs to be able to send a payload with a specially crafted regular expression to the application processing the input. A 31-character payload causes approximately 44 seconds of execution, with each additional character doubling the execution time. Therefore, even a small payload can cause an application to become unresponsive and eventually result in a denial of service. Due to this reason, this flaw has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "RHBZ#2439070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md",
"url": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md"
}
],
"release_date": "2026-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ajv: ReDoS via $data reference"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-4926",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-03-26T20:03:28.427630+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in `path-to-regexp` that can lead to a Denial of Service. The vulnerability occurs when specially crafted input containing multiple sequential optional groups is used to generate regular expressions, causing exponential resource consumption.\n\nThe Red Hat Advanced Cluster Security is not affected by this issue since it\u0027s shipping a `path-to-regexp` version which doesn\u0027t contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "RHBZ#2451867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4926"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"release_date": "2026-03-26T18:59:38+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, limit the use of multiple sequential optional groups in route patterns within applications that use `path-to-regexp`. Additionally, avoid directly passing user-controlled input as route patterns to prevent the generation of maliciously crafted regular expressions.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions"
},
{
"cve": "CVE-2026-6322",
"cwe": {
"id": "CWE-140",
"name": "Improper Neutralization of Delimiters"
},
"discovery_date": "2026-05-05T11:01:00.332189+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by crafting a malicious Uniform Resource Identifier (URI) that contains percent-encoded authority delimiters. The fast-uri library incorrectly decodes these delimiters during normalization and then re-emits them as raw separators, which can change the URI\u0027s intended authority. This issue allows applications that perform host allowlist checks, redirect validation, or outbound request routing to be steered to a different authority than specified, potentially bypassing security controls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in the `fast-uri` library allows an attacker to bypass security controls in Red Hat products that process Uniform Resource Identifiers (URIs). By crafting a malicious URI with percent-encoded authority delimiters, an attacker can cause the library to incorrectly interpret the URI\u0027s authority, potentially redirecting applications to an unintended domain. This could lead to a bypass of host allowlist checks, redirect validation, or outbound request routing.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6322"
},
{
"category": "external",
"summary": "RHBZ#2466684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6322",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6322"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc",
"url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-v39h-62p7-jpjc"
}
],
"release_date": "2026-05-05T10:29:16.378000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-uri: fast-uri: URI authority bypass due to improper delimiter handling"
},
{
"cve": "CVE-2026-22029",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-01-10T04:01:03.694749+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428412"
}
],
"notes": [
{
"category": "description",
"text": "A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "RHBZ#2428412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx",
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx"
}
],
"release_date": "2026-01-10T02:42:32.736000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-32141",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T19:01:30.987208+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447083"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the flatted npm library. flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: flatted: Unbounded recursion DoS in parse() revive phase",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "RHBZ#2447083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
"url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/pull/88",
"url": "https://github.com/WebReflection/flatted/pull/88"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
}
],
"release_date": "2026-03-12T18:08:09.634000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33810",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-08T02:01:09.100830+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456335"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Go `crypto/x509` package that could allow an attacker to bypass certificate validation. The vulnerability arises from an incorrect application of excluded DNS constraints to wildcard DNS Subject Alternative Names (SANs) when their case differs from the constraint. This could lead to Red Hat products accepting malicious certificates from otherwise trusted chains, compromising the trust model.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "RHBZ#2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://go.dev/cl/763763",
"url": "https://go.dev/cl/763763"
},
{
"category": "external",
"summary": "https://go.dev/issue/78332",
"url": "https://go.dev/issue/78332"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4866",
"url": "https://pkg.go.dev/vuln/GO-2026-4866"
}
],
"release_date": "2026-04-08T01:06:56.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39832",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:41.402561+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/crypto/ssh/agent` allows for a security bypass when SSH keys with destination restrictions are forwarded via an SSH agent. This flaw could lead to unintended exposure of SSH keys, enabling an attacker to use the forwarded key without the specified restrictions on remote hosts. Red Hat products utilizing `golang.org/x/crypto/ssh/agent` for key forwarding may be affected if users rely on constraint extensions for limiting key usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "RHBZ#2480685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://go.dev/cl/778642",
"url": "https://go.dev/cl/778642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79435",
"url": "https://go.dev/issue/79435"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5006",
"url": "https://pkg.go.dev/vuln/GO-2026-5006"
}
],
"release_date": "2026-05-22T02:31:26.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42151",
"cwe": {
"id": "CWE-256",
"name": "Plaintext Storage of a Password"
},
"discovery_date": "2026-05-04T19:02:26.983660+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466507"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important information disclosure flaw in Prometheus affects instances configured to use Azure AD remote write with OAuth authentication. The client secret, intended to be a secure credential, is exposed in plaintext through the `/-/config` HTTP API endpoint. This could allow an attacker with access to this endpoint to retrieve the secret, potentially compromising integrated Azure AD services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "external",
"summary": "RHBZ#2466507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466507"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18587",
"url": "https://github.com/prometheus/prometheus/pull/18587"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18590",
"url": "https://github.com/prometheus/prometheus/pull/18590"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj"
}
],
"release_date": "2026-05-04T18:12:16.917000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API"
},
{
"cve": "CVE-2026-42154",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-04T19:02:19.626646+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Prometheus, allowing an unauthenticated remote attacker to crash the Prometheus process. This could lead to service unavailability in Red Hat products that deploy Prometheus for monitoring, as the remote read endpoint does not properly validate snappy-compressed request lengths.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "RHBZ#2466505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42154",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18584",
"url": "https://github.com/prometheus/prometheus/pull/18584"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18585",
"url": "https://github.com/prometheus/prometheus/pull/18585"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm"
}
],
"release_date": "2026-05-04T18:13:12.340000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint"
},
{
"cve": "CVE-2026-42508",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-22T04:01:49.515058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480688"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in `golang.org/x/crypto/ssh/knownhosts` allows a remote attacker to bypass security checks. This vulnerability arises because the system fails to properly verify the revocation status of a Certificate Authority (CA) `SignatureKey`. In Red Hat environments, this could enable an attacker to present a revoked key, leading to its acceptance as valid and potentially granting unauthorized access or facilitating the spoofing of legitimate entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "RHBZ#2480688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42508",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42508"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://go.dev/cl/781220",
"url": "https://go.dev/cl/781220"
},
{
"category": "external",
"summary": "https://go.dev/issue/79568",
"url": "https://go.dev/issue/79568"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5021",
"url": "https://pkg.go.dev/vuln/GO-2026-5021"
}
],
"release_date": "2026-05-22T02:31:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey"
},
{
"cve": "CVE-2026-46595",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-22T04:01:52.215134+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/crypto/ssh is vulnerable to authorization bypass when SSH server configurations rely on source-address validation alongside non-public-key authentication callbacks. An attacker with low privileges who can authenticate through such a callback path may bypass intended source-address restrictions and gain unauthorized SSH access. Red Hat impact sits in services built with affected x/crypto/ssh, including RHEL golang streams, hummingbird Go toolchains, RHACM/MCE agents, and OpenShift or Ceph components that embed Go SSH servers with mixed callback types.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64"
],
"known_not_affected": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "RHBZ#2480689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://go.dev/cl/781642",
"url": "https://go.dev/cl/781642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79570",
"url": "https://go.dev/issue/79570"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5023",
"url": "https://pkg.go.dev/vuln/GO-2026-5023"
}
],
"release_date": "2026-05-22T02:31:27.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T10:08:44+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36651"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended.",
"product_ids": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:7e7958da7226d0bb3b19bc1447e8545d7d96988d0bde589fbdd649e011586a95_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alert-exporter-rhel9@sha256:bb489e9db92d4fb9715575d079cb8ac8500efc1a53b232c08891ef0c1352a8e7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:9280560b3774698fbd30a1e3a14e6b57f42609bc24bbe8b025a629450b0a7927_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-alertmanager-proxy-rhel9@sha256:e4c9707494658435871f50c35a690d8cc4d01bf1325dc6ca9379cd40a302644a_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:5f754d14e660f29e18748a47cf56e3c18f656472cd93b6aff939b998f058f89d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-api-rhel9@sha256:fb4fb7684ce126b8469959ed878b3a7a91884c356c9f6bfac99bd4b2f23ce6a2_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:3a7cfaa9f3b0900827022d18f529f211361e6ba372eb8458035c4e4f0e3ae607_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-cli-artifacts-rhel9@sha256:c9aa3e4437c767e9a08731b395626b8d69ba466c7f0f1eb6245b9c19ce83e908_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:0b775738a61fe65ffbe59629fe7451eb02b1cf1c40740e5c30a33f0ff0eede2d_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-db-setup-rhel9@sha256:84f67cafc98159f1308a6e35dbd4290e7cc2d946d078e98e3900d78e3eb3ccf7_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:225a7daaaaf072c45225ae3f4ee793c48dd82f62334d8213872b3b022c30d44e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-pam-issuer-rhel9@sha256:6d9c18658ff3931e918eab69039751b48922c77b8c47605a6ce240bce9982568_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:0ee30ee155ff08f2a637ad7a51cb05c587761ba91ad0c261df2100b622ba509b_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-periodic-rhel9@sha256:b0c0550b7f3d58517cb14220f5735694ac0a581335d0197645bdcb5ad4011a81_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:51ddafb4b356eb322c05191e18b9e7e8734eb90fefc9e79f3f50310fcefc1d7f_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-telemetry-gateway-rhel9@sha256:aba941ba3f928360a744e26745f34962f6ecf3d211b37d4b50bee68803c370ca_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:5f14b823c53919e94d6b57a5a681008a6bc0ba6ee3fd74e744c792c6df11baad_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-ocp-rhel9@sha256:e8480249816c12331f27b87d9edb1b15fb8efb8cc8b86bda38750cde3e05a60e_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:e75051d27fae381533a2fb8e8a5dd3e68700dbfea20c50f4d580705bed6e5cf8_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-ui-rhel9@sha256:f1e785adb22e3d3c869eabe31f5009f8f8a928e4ad9b553a4bf254476e233e70_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:636c2b9fe1b410168f9f5b8956255ef0eb6b0fd2b9247fb020ec9b50df5e5321_arm64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-userinfo-proxy-rhel9@sha256:ceb10edf040f4d60df9307758ff49f212bf950f93db6ae04d92d686d372ba8bb_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:11bd15489ac98c413d610197422b504fa0fb4478f2d838b91de35e3b9380de79_amd64",
"Red Hat Edge Manager 1.0:registry.redhat.io/rhem/flightctl-worker-rhel9@sha256:4ae2d884d5b5d7caf876bbb2118b715ae632e5c4dad3d19edd15ec935e588395_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation"
}
]
}
RHSA-2026:36796
Vulnerability from csaf_redhat - Published: 2026-07-08 15:52 - Updated: 2026-07-10 16:38A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — | ||
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Edge Manager Version 1.0.3 Security Update",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Edge Manager (RHEM) provides simple, scalable, and security-focused\nmanagement of edge devices and applications. It supports image-mode RHEL and\ncontainer workloads that run on Podman/Docker or Kubernetes.\n\nRHEM is now available as a standalone feature, providing greater flexibility for\nedge deployments. In addition to the standalone version, RHEM continues to be\noffered as a plugin for the following platforms:\n\nRed Hat Advanced Cluster Management (RHACM): Extends fleet management to edge\ndevices.\nRed Hat Ansible Automation Platform (AAP): Integrates edge management with\nAnsible automation.\n\nThis integration enables organizations to optimize the management and\norchestration of their fleets of edge devices; whether its thousands of\ndispersed retail point-of-sale systems or industrial machinery on remote factory\nfloors.\n\nValue for customers and partners:\n\n* This solution not only helps customers manage thousands of devices but helps\nscale operations.\n* To manage large-scale deployments, customers need to be able to integrate with\ntheir existing management systems, support remote configuration and over-the-air\nupdates, and collect telemetry data for advanced analytics.\n* Red Hat Edge Manager offers a simple and security-focused lifecycle\nmanagement, from onboarding to decommissioning of edge devices.\n\nThis complete end-to-end solution empowers organizations to gain the most value\nfrom the fleets of devices that generate data, all from a centralized location.\n\nSecurity fixes:\n\n* golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate (CVE-2026-39835)\n* golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses (CVE-2026-39830)\n* golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters (CVE-2026-39829)\n* golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions (CVE-2026-39828)\n* golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation (CVE-2026-46595)\n* golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions (CVE-2026-39832)\n* golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey (CVE-2026-42508)\n* golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (CVE-2026-39821)\n* Go net package: Denial of Service via long CNAME response in LookupCNAME (CVE-2026-33811)\n* Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n* Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application (CVE-2026-33810)\n* Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n* Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n* Go crypto/x509: Incorrect enforcement of email constraints (CVE-2026-27137)\n* Go net/url: Incorrect parsing of IPv6 host literals (CVE-2026-25679)\n* golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n* github.com/jackc/pgx: Memory-safety vulnerability (CVE-2026-33815)\n* github.com/jackc/pgx: Memory-safety vulnerability (CVE-2026-33816)\n* gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186)\n* Prometheus: Information disclosure of Azure OAuth client secret via config API (CVE-2026-42151)\n* Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint (CVE-2026-42154)\n* Root.Chmod can follow symlinks out of the root (CVE-2026-32282)\n* Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code (CVE-2026-35469)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36796",
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/managing_device_fleets_with_the_red_hat_edge_manager/assembly-edge-manager-intro",
"url": "https://docs.redhat.com/en/documentation/red_hat_ansible_automation_platform/2.5/html/managing_device_fleets_with_the_red_hat_edge_manager/assembly-edge-manager-intro"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html-single/edge_manager/index#edge-mgr-intro",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.15/html-single/edge_manager/index#edge-mgr-intro"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2445345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "2457729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457729"
},
{
"category": "external",
"summary": "2466505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466505"
},
{
"category": "external",
"summary": "2466507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466507"
},
{
"category": "external",
"summary": "2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "2480685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480685"
},
{
"category": "external",
"summary": "2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "2480688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480688"
},
{
"category": "external",
"summary": "2480689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"category": "external",
"summary": "2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36796.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Edge Manager Version 1.0.3 Security Update",
"tracking": {
"current_release_date": "2026-07-10T16:38:47+00:00",
"generator": {
"date": "2026-07-10T16:38:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36796",
"initial_release_date": "2026-07-08T15:52:29+00:00",
"revision_history": [
{
"date": "2026-07-08T15:52:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-08T15:52:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:38:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEM 1.0 for RHEL 9",
"product": {
"name": "RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:edge_manager:1.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Edge Manager"
},
{
"branches": [
{
"category": "product_version",
"name": "flightctl-0:1.0.3-1.el9em.src",
"product": {
"name": "flightctl-0:1.0.3-1.el9em.src",
"product_id": "flightctl-0:1.0.3-1.el9em.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl@1.0.3-1.el9em?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "flightctl-agent-0:1.0.3-1.el9em.x86_64",
"product": {
"name": "flightctl-agent-0:1.0.3-1.el9em.x86_64",
"product_id": "flightctl-agent-0:1.0.3-1.el9em.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-agent@1.0.3-1.el9em?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "flightctl-cli-0:1.0.3-1.el9em.x86_64",
"product": {
"name": "flightctl-cli-0:1.0.3-1.el9em.x86_64",
"product_id": "flightctl-cli-0:1.0.3-1.el9em.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-cli@1.0.3-1.el9em?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "flightctl-observability-0:1.0.3-1.el9em.x86_64",
"product": {
"name": "flightctl-observability-0:1.0.3-1.el9em.x86_64",
"product_id": "flightctl-observability-0:1.0.3-1.el9em.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-observability@1.0.3-1.el9em?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "flightctl-services-0:1.0.3-1.el9em.x86_64",
"product": {
"name": "flightctl-services-0:1.0.3-1.el9em.x86_64",
"product_id": "flightctl-services-0:1.0.3-1.el9em.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-services@1.0.3-1.el9em?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64",
"product": {
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64",
"product_id": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-telemetry-gateway@1.0.3-1.el9em?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "flightctl-agent-0:1.0.3-1.el9em.s390x",
"product": {
"name": "flightctl-agent-0:1.0.3-1.el9em.s390x",
"product_id": "flightctl-agent-0:1.0.3-1.el9em.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-agent@1.0.3-1.el9em?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "flightctl-cli-0:1.0.3-1.el9em.s390x",
"product": {
"name": "flightctl-cli-0:1.0.3-1.el9em.s390x",
"product_id": "flightctl-cli-0:1.0.3-1.el9em.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-cli@1.0.3-1.el9em?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "flightctl-observability-0:1.0.3-1.el9em.s390x",
"product": {
"name": "flightctl-observability-0:1.0.3-1.el9em.s390x",
"product_id": "flightctl-observability-0:1.0.3-1.el9em.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-observability@1.0.3-1.el9em?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "flightctl-services-0:1.0.3-1.el9em.s390x",
"product": {
"name": "flightctl-services-0:1.0.3-1.el9em.s390x",
"product_id": "flightctl-services-0:1.0.3-1.el9em.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-services@1.0.3-1.el9em?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"product": {
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"product_id": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-telemetry-gateway@1.0.3-1.el9em?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"product": {
"name": "flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"product_id": "flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-agent@1.0.3-1.el9em?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"product": {
"name": "flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"product_id": "flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-cli@1.0.3-1.el9em?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"product": {
"name": "flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"product_id": "flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-observability@1.0.3-1.el9em?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "flightctl-services-0:1.0.3-1.el9em.ppc64le",
"product": {
"name": "flightctl-services-0:1.0.3-1.el9em.ppc64le",
"product_id": "flightctl-services-0:1.0.3-1.el9em.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-services@1.0.3-1.el9em?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"product": {
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"product_id": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-telemetry-gateway@1.0.3-1.el9em?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "flightctl-agent-0:1.0.3-1.el9em.aarch64",
"product": {
"name": "flightctl-agent-0:1.0.3-1.el9em.aarch64",
"product_id": "flightctl-agent-0:1.0.3-1.el9em.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-agent@1.0.3-1.el9em?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "flightctl-cli-0:1.0.3-1.el9em.aarch64",
"product": {
"name": "flightctl-cli-0:1.0.3-1.el9em.aarch64",
"product_id": "flightctl-cli-0:1.0.3-1.el9em.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-cli@1.0.3-1.el9em?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "flightctl-observability-0:1.0.3-1.el9em.aarch64",
"product": {
"name": "flightctl-observability-0:1.0.3-1.el9em.aarch64",
"product_id": "flightctl-observability-0:1.0.3-1.el9em.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-observability@1.0.3-1.el9em?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "flightctl-services-0:1.0.3-1.el9em.aarch64",
"product": {
"name": "flightctl-services-0:1.0.3-1.el9em.aarch64",
"product_id": "flightctl-services-0:1.0.3-1.el9em.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-services@1.0.3-1.el9em?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"product": {
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"product_id": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-telemetry-gateway@1.0.3-1.el9em?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "flightctl-selinux-0:1.0.3-1.el9em.noarch",
"product": {
"name": "flightctl-selinux-0:1.0.3-1.el9em.noarch",
"product_id": "flightctl-selinux-0:1.0.3-1.el9em.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flightctl-selinux@1.0.3-1.el9em?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-0:1.0.3-1.el9em.src as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src"
},
"product_reference": "flightctl-0:1.0.3-1.el9em.src",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-agent-0:1.0.3-1.el9em.aarch64 as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64"
},
"product_reference": "flightctl-agent-0:1.0.3-1.el9em.aarch64",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-agent-0:1.0.3-1.el9em.ppc64le as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le"
},
"product_reference": "flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-agent-0:1.0.3-1.el9em.s390x as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x"
},
"product_reference": "flightctl-agent-0:1.0.3-1.el9em.s390x",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-agent-0:1.0.3-1.el9em.x86_64 as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64"
},
"product_reference": "flightctl-agent-0:1.0.3-1.el9em.x86_64",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-cli-0:1.0.3-1.el9em.aarch64 as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64"
},
"product_reference": "flightctl-cli-0:1.0.3-1.el9em.aarch64",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-cli-0:1.0.3-1.el9em.ppc64le as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le"
},
"product_reference": "flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-cli-0:1.0.3-1.el9em.s390x as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x"
},
"product_reference": "flightctl-cli-0:1.0.3-1.el9em.s390x",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-cli-0:1.0.3-1.el9em.x86_64 as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64"
},
"product_reference": "flightctl-cli-0:1.0.3-1.el9em.x86_64",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-observability-0:1.0.3-1.el9em.aarch64 as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64"
},
"product_reference": "flightctl-observability-0:1.0.3-1.el9em.aarch64",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-observability-0:1.0.3-1.el9em.ppc64le as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le"
},
"product_reference": "flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-observability-0:1.0.3-1.el9em.s390x as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x"
},
"product_reference": "flightctl-observability-0:1.0.3-1.el9em.s390x",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-observability-0:1.0.3-1.el9em.x86_64 as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64"
},
"product_reference": "flightctl-observability-0:1.0.3-1.el9em.x86_64",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-selinux-0:1.0.3-1.el9em.noarch as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
},
"product_reference": "flightctl-selinux-0:1.0.3-1.el9em.noarch",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-services-0:1.0.3-1.el9em.aarch64 as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64"
},
"product_reference": "flightctl-services-0:1.0.3-1.el9em.aarch64",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-services-0:1.0.3-1.el9em.ppc64le as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le"
},
"product_reference": "flightctl-services-0:1.0.3-1.el9em.ppc64le",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-services-0:1.0.3-1.el9em.s390x as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x"
},
"product_reference": "flightctl-services-0:1.0.3-1.el9em.s390x",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-services-0:1.0.3-1.el9em.x86_64 as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64"
},
"product_reference": "flightctl-services-0:1.0.3-1.el9em.x86_64",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64 as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64"
},
"product_reference": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le"
},
"product_reference": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x"
},
"product_reference": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"relates_to_product_reference": "9Base-RHEM-1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64 as a component of RHEM 1.0 for RHEL 9",
"product_id": "9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
},
"product_reference": "flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64",
"relates_to_product_reference": "9Base-RHEM-1.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27137",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-06T22:01:38.859733+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445345"
}
],
"notes": [
{
"category": "description",
"text": "A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "RHBZ#2445345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://go.dev/cl/752182",
"url": "https://go.dev/cl/752182"
},
{
"category": "external",
"summary": "https://go.dev/issue/77952",
"url": "https://go.dev/issue/77952"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4599",
"url": "https://pkg.go.dev/vuln/GO-2026-4599"
}
],
"release_date": "2026-03-06T21:28:13.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go standard library\u0027s certificate chain building process. Systems utilizing Go applications that process untrusted TLS certificates or X.509 certificate chains are susceptible to resource exhaustion when presented with an excessive number of intermediate certificates, potentially leading to service unavailability. This flaw impacts applications directly using `crypto/x509` or `crypto/tls`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in the Go `crypto/tls` package allows a remote attacker to cause a denial of service in applications using TLS 1.3. By sending multiple key update messages in a single record post-handshake, an attacker can trigger a connection deadlock, leading to uncontrolled resource consumption. This impacts Red Hat products utilizing the affected Go standard library for TLS 1.3 connections.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33810",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-08T02:01:09.100830+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456335"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Go `crypto/x509` package that could allow an attacker to bypass certificate validation. The vulnerability arises from an incorrect application of excluded DNS constraints to wildcard DNS Subject Alternative Names (SANs) when their case differs from the constraint. This could lead to Red Hat products accepting malicious certificates from otherwise trusted chains, compromising the trust model.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "RHBZ#2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://go.dev/cl/763763",
"url": "https://go.dev/cl/763763"
},
{
"category": "external",
"summary": "https://go.dev/issue/78332",
"url": "https://go.dev/issue/78332"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4866",
"url": "https://pkg.go.dev/vuln/GO-2026-4866"
}
],
"release_date": "2026-04-08T01:06:56.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-33815",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:25.130006+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455975"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "RHBZ#2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33815"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4771",
"url": "https://pkg.go.dev/vuln/GO-2026-4771"
}
],
"release_date": "2026-04-07T15:19:24.344000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-33816",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:14.142946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "RHBZ#2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4772",
"url": "https://pkg.go.dev/vuln/GO-2026-4772"
}
],
"release_date": "2026-04-07T15:19:24.529000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-35469",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-13T03:52:35+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457729"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Service (DoS) by causing the affected components to become unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw affecting OpenShift Container Platform. An attacker with specific elevated cluster roles, such as those permitting pod port forwarding, execution, attachment, or node proxying, could exploit a vulnerability in the SPDY streaming code of Kubelet, CRI-O, and kube-apiserver, leading to unresponsiveness of these critical components.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "RHBZ#2457729",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457729"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35469"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35469"
}
],
"release_date": "2026-04-13T23:59:59+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "To mitigate this issue, review and restrict the assignment of Kubernetes cluster roles `pods/portforward (create)`, `pods/exec (create)`, `pods/attach (create)`, and `nodes/proxy (get/create)` to untrusted users or service accounts. Ensure that only authorized and necessary entities possess these permissions. Modifying RBAC policies can impact the functionality of applications and services that rely on these permissions; careful testing is recommended.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39832",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:41.402561+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/crypto/ssh/agent` allows for a security bypass when SSH keys with destination restrictions are forwarded via an SSH agent. This flaw could lead to unintended exposure of SSH keys, enabling an attacker to use the forwarded key without the specified restrictions on remote hosts. Red Hat products utilizing `golang.org/x/crypto/ssh/agent` for key forwarding may be affected if users rely on constraint extensions for limiting key usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "RHBZ#2480685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://go.dev/cl/778642",
"url": "https://go.dev/cl/778642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79435",
"url": "https://go.dev/issue/79435"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5006",
"url": "https://pkg.go.dev/vuln/GO-2026-5006"
}
],
"release_date": "2026-05-22T02:31:26.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42151",
"cwe": {
"id": "CWE-256",
"name": "Plaintext Storage of a Password"
},
"discovery_date": "2026-05-04T19:02:26.983660+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466507"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important information disclosure flaw in Prometheus affects instances configured to use Azure AD remote write with OAuth authentication. The client secret, intended to be a secure credential, is exposed in plaintext through the `/-/config` HTTP API endpoint. This could allow an attacker with access to this endpoint to retrieve the secret, potentially compromising integrated Azure AD services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "external",
"summary": "RHBZ#2466507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466507"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18587",
"url": "https://github.com/prometheus/prometheus/pull/18587"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18590",
"url": "https://github.com/prometheus/prometheus/pull/18590"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj"
}
],
"release_date": "2026-05-04T18:12:16.917000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API"
},
{
"cve": "CVE-2026-42154",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-04T19:02:19.626646+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466505"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus. An unauthenticated attacker can exploit the remote read endpoint (`/api/v1/read`) by sending a specially crafted, small snappy-compressed payload. This payload causes a disproportionately large memory allocation, leading to memory exhaustion and a Denial of Service (DoS) by crashing the Prometheus process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Prometheus, allowing an unauthenticated remote attacker to crash the Prometheus process. This could lead to service unavailability in Red Hat products that deploy Prometheus for monitoring, as the remote read endpoint does not properly validate snappy-compressed request lengths.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42154"
},
{
"category": "external",
"summary": "RHBZ#2466505",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466505"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42154",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42154"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18584",
"url": "https://github.com/prometheus/prometheus/pull/18584"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18585",
"url": "https://github.com/prometheus/prometheus/pull/18585"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm"
}
],
"release_date": "2026-05-04T18:13:12.340000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Denial of Service via uncontrolled memory allocation in remote read endpoint"
},
{
"cve": "CVE-2026-42508",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-22T04:01:49.515058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480688"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in `golang.org/x/crypto/ssh/knownhosts` allows a remote attacker to bypass security checks. This vulnerability arises because the system fails to properly verify the revocation status of a Certificate Authority (CA) `SignatureKey`. In Red Hat environments, this could enable an attacker to present a revoked key, leading to its acceptance as valid and potentially granting unauthorized access or facilitating the spoofing of legitimate entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "RHBZ#2480688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42508",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42508"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://go.dev/cl/781220",
"url": "https://go.dev/cl/781220"
},
{
"category": "external",
"summary": "https://go.dev/issue/79568",
"url": "https://go.dev/issue/79568"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5021",
"url": "https://pkg.go.dev/vuln/GO-2026-5021"
}
],
"release_date": "2026-05-22T02:31:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey"
},
{
"cve": "CVE-2026-46595",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-22T04:01:52.215134+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/crypto/ssh is vulnerable to authorization bypass when SSH server configurations rely on source-address validation alongside non-public-key authentication callbacks. An attacker with low privileges who can authenticate through such a callback path may bypass intended source-address restrictions and gain unauthorized SSH access. Red Hat impact sits in services built with affected x/crypto/ssh, including RHEL golang streams, hummingbird Go toolchains, RHACM/MCE agents, and OpenShift or Ceph components that embed Go SSH servers with mixed callback types.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"known_not_affected": [
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "RHBZ#2480689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://go.dev/cl/781642",
"url": "https://go.dev/cl/781642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79570",
"url": "https://go.dev/issue/79570"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5023",
"url": "https://pkg.go.dev/vuln/GO-2026-5023"
}
],
"release_date": "2026-05-22T02:31:27.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:52:29+00:00",
"details": "See the following documentation for details on how to enable Red Hat Edge Manager and more: https://docs.redhat.com/en/documentation/red_hat_edge_manager/1.0",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36796"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended.",
"product_ids": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHEM-1.0:flightctl-0:1.0.3-1.el9em.src",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-agent-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-cli-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-observability-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-selinux-0:1.0.3-1.el9em.noarch",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-services-0:1.0.3-1.el9em.x86_64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.aarch64",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.ppc64le",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.s390x",
"9Base-RHEM-1.0:flightctl-telemetry-gateway-0:1.0.3-1.el9em.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation"
}
]
}
RHSA-2026:36797
Vulnerability from csaf_redhat - Published: 2026-07-08 15:46 - Updated: 2026-07-10 16:26A flaw was found in the `crypto/x509` package of `golang`. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name (SAN) entries. The certificate verification process, specifically the `VerifyHostname` function, incurs excessive computational overhead due to repeated string operations when processing these entries. This can lead to a significant performance degradation or unresponsiveness of systems validating such certificates.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/agent. The NewKeyring() function, which creates an in-memory keyring, failed to enforce the ConfirmBeforeUse constraint on keys. This allowed keys configured to require user confirmation before use to perform signing operations without any prompt or indication to the user. Consequently, an attacker could potentially bypass intended security controls, leading to unauthorized cryptographic signing actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.4.2 release of the RHTAS CLIs.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS CLI Stack images for RHTAS 1.4.2",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36797",
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27145",
"url": "https://access.redhat.com/security/cve/CVE-2026-27145"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33811",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39820",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39832",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39833",
"url": "https://access.redhat.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42151",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42499",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42508",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46595",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36797.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.4.2 - CLI Stack Release",
"tracking": {
"current_release_date": "2026-07-10T16:26:04+00:00",
"generator": {
"date": "2026-07-10T16:26:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36797",
"initial_release_date": "2026-07-08T15:46:32+00:00",
"revision_history": [
{
"date": "2026-07-08T15:46:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-08T15:46:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.4",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "conforma-cli-stack-v1-4@amd64_darwin",
"product": {
"name": "conforma-cli-stack-v1-4@amd64_darwin",
"product_id": "conforma-cli-stack-v1-4@amd64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/conforma-cli-stack-v1-4@1.4.2?filename=ec_darwin_amd64.tar.gz\u0026checksum=sha256:0344b4e6a24947a5d5bb150114c457c99c7c1f4b987b7325c599103b2620f0b1\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "cosign-cli-stack-v1-4@amd64_darwin",
"product": {
"name": "cosign-cli-stack-v1-4@amd64_darwin",
"product_id": "cosign-cli-stack-v1-4@amd64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/cosign-cli-stack-v1-4@1.4.2?filename=cosign_darwin_amd64.tar.gz\u0026checksum=sha256:8eea0dd7273667cb6a00783550f90598569988533d1df3e9ead97062f52c3ad0\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"product": {
"name": "fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"product_id": "fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/fetch-tsa-certs-cli-stack-v1-4@1.4.2?filename=fetch_tsa_certs_darwin_amd64.tar.gz\u0026checksum=sha256:cc3daa1b5f8a0154f2ede5fec3c9d9755f6f8bafd44aac6801f61d3788b0a852\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "gitsign-cli-stack-v1-4@amd64_darwin",
"product": {
"name": "gitsign-cli-stack-v1-4@amd64_darwin",
"product_id": "gitsign-cli-stack-v1-4@amd64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/gitsign-cli-stack-v1-4@1.4.2?filename=gitsign_cli_darwin_amd64.tar.gz\u0026checksum=sha256:40a44daf09563a272b303a57306fce013945da9e9267da5c0095ba30fe1ac954\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "model-transparency-cli-stack-v1-4@amd64_darwin",
"product": {
"name": "model-transparency-cli-stack-v1-4@amd64_darwin",
"product_id": "model-transparency-cli-stack-v1-4@amd64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/model-transparency-cli-stack-v1-4@1.4.2?filename=model_transparency_cli_darwin_amd64.tar.gz\u0026checksum=sha256:9d8083d8956c3a5b6af761879ae66699f09be16b5a2d46d0829f0369e722bbc3\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "rekor-cli-stack-v1-4@amd64_darwin",
"product": {
"name": "rekor-cli-stack-v1-4@amd64_darwin",
"product_id": "rekor-cli-stack-v1-4@amd64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/rekor-cli-stack-v1-4@1.4.2?filename=rekor_cli_darwin_amd64.tar.gz\u0026checksum=sha256:d026b169014317d85fc71bef3ca52fdf421b57248479413097853e47118de188\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "trillian-cli-stack-v1-4@amd64_darwin",
"product": {
"name": "trillian-cli-stack-v1-4@amd64_darwin",
"product_id": "trillian-cli-stack-v1-4@amd64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/trillian-cli-stack-v1-4@1.4.2?filename=updatetree_darwin_amd64.tar.gz\u0026checksum=sha256:d11811c053131069d6a7937f2ee81aacf29aa5e0dc0e4fc2c21fcf219b4c1384\u0026download_url=https://developers.qa.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "amd64_darwin"
},
{
"branches": [
{
"category": "product_version",
"name": "conforma-cli-stack-v1-4@arm64_darwin",
"product": {
"name": "conforma-cli-stack-v1-4@arm64_darwin",
"product_id": "conforma-cli-stack-v1-4@arm64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/conforma-cli-stack-v1-4@1.4.2?filename=ec_darwin_arm64.tar.gz\u0026checksum=sha256:f15eb4c22d7a540a06aa2042fe689924606fa28c9c20a8d645619f4e3de5a449\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "cosign-cli-stack-v1-4@arm64_darwin",
"product": {
"name": "cosign-cli-stack-v1-4@arm64_darwin",
"product_id": "cosign-cli-stack-v1-4@arm64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/cosign-cli-stack-v1-4@1.4.2?filename=cosign_darwin_arm64.tar.gz\u0026checksum=sha256:32a80cab00f2e3b94dd7614e19ba09d5a94f22c10939ca4ca06fc461e6c4b4ec\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"product": {
"name": "fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"product_id": "fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/fetch-tsa-certs-cli-stack-v1-4@1.4.2?filename=fetch_tsa_certs_darwin_arm64.tar.gz\u0026checksum=sha256:1e3c1789230f060f1225182f7f6caec445f7c04f6d9d29078151338654352f5b\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "gitsign-cli-stack-v1-4@arm64_darwin",
"product": {
"name": "gitsign-cli-stack-v1-4@arm64_darwin",
"product_id": "gitsign-cli-stack-v1-4@arm64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/gitsign-cli-stack-v1-4@1.4.2?filename=gitsign_cli_darwin_arm64.tar.gz\u0026checksum=sha256:024e50fa4e9349e0468680ac94e281daefbcda7acc4a14db61052a242ace37a7\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "model-transparency-cli-stack-v1-4@arm64_darwin",
"product": {
"name": "model-transparency-cli-stack-v1-4@arm64_darwin",
"product_id": "model-transparency-cli-stack-v1-4@arm64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/model-transparency-cli-stack-v1-4@1.4.2?filename=model_transparency_cli_darwin_arm64.tar.gz\u0026checksum=sha256:7b86c47c8564a533fb2a5194306857aa9c2b8fca16f8de9a8e242fa58ce3b700\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "rekor-cli-stack-v1-4@arm64_darwin",
"product": {
"name": "rekor-cli-stack-v1-4@arm64_darwin",
"product_id": "rekor-cli-stack-v1-4@arm64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/rekor-cli-stack-v1-4@1.4.2?filename=rekor_cli_darwin_arm64.tar.gz\u0026checksum=sha256:7fd467b7fe65bb4294db426efc9bf264bee8e7773341abac7a8503905464e029\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "trillian-cli-stack-v1-4@arm64_darwin",
"product": {
"name": "trillian-cli-stack-v1-4@arm64_darwin",
"product_id": "trillian-cli-stack-v1-4@arm64_darwin",
"product_identification_helper": {
"purl": "pkg:generic/trillian-cli-stack-v1-4@1.4.2?filename=updatetree_darwin_arm64.tar.gz\u0026checksum=sha256:9a6e31af8de1aecbc209eb371c70cb8a40fa13ac076200c717ef32c52fdf1c32\u0026download_url=https://developers.qa.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "arm64_darwin"
},
{
"branches": [
{
"category": "product_version",
"name": "conforma-cli-stack-v1-4@amd64",
"product": {
"name": "conforma-cli-stack-v1-4@amd64",
"product_id": "conforma-cli-stack-v1-4@amd64",
"product_identification_helper": {
"purl": "pkg:generic/conforma-cli-stack-v1-4@1.4.2?filename=ec_linux_amd64.tar.gz\u0026checksum=sha256:1ff31ed89331b18828e430c5b8ab74f6af01ce6767796d630b5f3a9b17b28dc6\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "cosign-cli-stack-v1-4@amd64",
"product": {
"name": "cosign-cli-stack-v1-4@amd64",
"product_id": "cosign-cli-stack-v1-4@amd64",
"product_identification_helper": {
"purl": "pkg:generic/cosign-cli-stack-v1-4@1.4.2?filename=cosign_linux_amd64.tar.gz\u0026checksum=sha256:6b31c7f26dc20a7903ee0ff5fddf9b28f445d25caa4d6cf789ceaa5ca70ce112\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "fetch-tsa-certs-cli-stack-v1-4@amd64",
"product": {
"name": "fetch-tsa-certs-cli-stack-v1-4@amd64",
"product_id": "fetch-tsa-certs-cli-stack-v1-4@amd64",
"product_identification_helper": {
"purl": "pkg:generic/fetch-tsa-certs-cli-stack-v1-4@1.4.2?filename=fetch_tsa_certs_linux_amd64.tar.gz\u0026checksum=sha256:93720b9c3c48d7f94e885f9250bde724b9ea9f99e9b5c6263746c9d5b94be04e\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "gitsign-cli-stack-v1-4@amd64",
"product": {
"name": "gitsign-cli-stack-v1-4@amd64",
"product_id": "gitsign-cli-stack-v1-4@amd64",
"product_identification_helper": {
"purl": "pkg:generic/gitsign-cli-stack-v1-4@1.4.2?filename=gitsign_cli_linux_amd64.tar.gz\u0026checksum=sha256:e51c54d5cf34895b8f7c3b391ba7070aac61a557f84f50fb223597412da03414\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "model-transparency-cli-stack-v1-4@amd64",
"product": {
"name": "model-transparency-cli-stack-v1-4@amd64",
"product_id": "model-transparency-cli-stack-v1-4@amd64",
"product_identification_helper": {
"purl": "pkg:generic/model-transparency-cli-stack-v1-4@1.4.2?filename=model_transparency_cli_pkcs11_linux_amd64.tar.gz\u0026checksum=sha256:cd613b774b604748640e3b70519fbef26f47740e9e615f1806ff168c6be5d423\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "rekor-cli-stack-v1-4@amd64",
"product": {
"name": "rekor-cli-stack-v1-4@amd64",
"product_id": "rekor-cli-stack-v1-4@amd64",
"product_identification_helper": {
"purl": "pkg:generic/rekor-cli-stack-v1-4@1.4.2?filename=rekor_cli_linux_amd64.tar.gz\u0026checksum=sha256:2b1bebaca059a78c9c6c15941f1a03960cd515bf76fe61dc325b5487c0bf5839\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "trillian-cli-stack-v1-4@amd64",
"product": {
"name": "trillian-cli-stack-v1-4@amd64",
"product_id": "trillian-cli-stack-v1-4@amd64",
"product_identification_helper": {
"purl": "pkg:generic/trillian-cli-stack-v1-4@1.4.2?filename=updatetree_linux_amd64.tar.gz\u0026checksum=sha256:a9e25e8e3287e4c49d2d5c8d594fd8997c14e9d5f12c19ebe7d2a4be3a367186\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "tuftool-cli-stack-v1-4@amd64",
"product": {
"name": "tuftool-cli-stack-v1-4@amd64",
"product_id": "tuftool-cli-stack-v1-4@amd64",
"product_identification_helper": {
"purl": "pkg:generic/tuftool-cli-stack-v1-4@1.4.2?filename=tuftool_linux_amd64.tar.gz\u0026checksum=sha256:3a83ac0e1ba4cf6827ff5b38f5f44c94427ef85beb860325e6ccd116a0b60dce\u0026download_url=https://developers.qa.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "conforma-cli-stack-v1-4@arm64",
"product": {
"name": "conforma-cli-stack-v1-4@arm64",
"product_id": "conforma-cli-stack-v1-4@arm64",
"product_identification_helper": {
"purl": "pkg:generic/conforma-cli-stack-v1-4@1.4.2?filename=ec_linux_arm64.tar.gz\u0026checksum=sha256:e37f9344035bed820ae772b9f94c1bbc9e3ae8c394f29ceea57e390fd286031d\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "cosign-cli-stack-v1-4@arm64",
"product": {
"name": "cosign-cli-stack-v1-4@arm64",
"product_id": "cosign-cli-stack-v1-4@arm64",
"product_identification_helper": {
"purl": "pkg:generic/cosign-cli-stack-v1-4@1.4.2?filename=cosign_linux_arm64.tar.gz\u0026checksum=sha256:5038ef7ea154bd08e7625ec77014acbd7cdd1139bcd174242d39064a8b97320c\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "fetch-tsa-certs-cli-stack-v1-4@arm64",
"product": {
"name": "fetch-tsa-certs-cli-stack-v1-4@arm64",
"product_id": "fetch-tsa-certs-cli-stack-v1-4@arm64",
"product_identification_helper": {
"purl": "pkg:generic/fetch-tsa-certs-cli-stack-v1-4@1.4.2?filename=fetch_tsa_certs_linux_arm64.tar.gz\u0026checksum=sha256:88f469ea1387b26654726e60b9a34cd078cabbc50b45fdbdc3197b83faec324e\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "gitsign-cli-stack-v1-4@arm64",
"product": {
"name": "gitsign-cli-stack-v1-4@arm64",
"product_id": "gitsign-cli-stack-v1-4@arm64",
"product_identification_helper": {
"purl": "pkg:generic/gitsign-cli-stack-v1-4@1.4.2?filename=gitsign_cli_linux_arm64.tar.gz\u0026checksum=sha256:5bfe15a942a73fec6864df3a2acf02b34947b25aeb022094f9dbc6f32a173af2\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "model-transparency-cli-stack-v1-4@arm64",
"product": {
"name": "model-transparency-cli-stack-v1-4@arm64",
"product_id": "model-transparency-cli-stack-v1-4@arm64",
"product_identification_helper": {
"purl": "pkg:generic/model-transparency-cli-stack-v1-4@1.4.2?filename=model_transparency_cli_pkcs11_linux_arm64.tar.gz\u0026checksum=sha256:4067226e5e8708b1304349d996d5d004d9f827f8baa64e32759bbb25e5d9e883\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "rekor-cli-stack-v1-4@arm64",
"product": {
"name": "rekor-cli-stack-v1-4@arm64",
"product_id": "rekor-cli-stack-v1-4@arm64",
"product_identification_helper": {
"purl": "pkg:generic/rekor-cli-stack-v1-4@1.4.2?filename=rekor_cli_linux_arm64.tar.gz\u0026checksum=sha256:5129a9e3adeecb6e1d1ec0346e8bf38f5b19281009b92b45a157b211bc39b809\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "trillian-cli-stack-v1-4@arm64",
"product": {
"name": "trillian-cli-stack-v1-4@arm64",
"product_id": "trillian-cli-stack-v1-4@arm64",
"product_identification_helper": {
"purl": "pkg:generic/trillian-cli-stack-v1-4@1.4.2?filename=updatetree_linux_arm64.tar.gz\u0026checksum=sha256:2b094f8dbb25de8d4484065c9f3ee819a97fb67fd4d72088256ca0478f8821a7\u0026download_url=https://developers.qa.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "conforma-cli-stack-v1-4@ppc64le",
"product": {
"name": "conforma-cli-stack-v1-4@ppc64le",
"product_id": "conforma-cli-stack-v1-4@ppc64le",
"product_identification_helper": {
"purl": "pkg:generic/conforma-cli-stack-v1-4@1.4.2?filename=ec_linux_ppc64le.tar.gz\u0026checksum=sha256:2f5cbaabac374a8b61295858bfe984191a881970ebe17be83c3ba35c329fe13a\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "cosign-cli-stack-v1-4@ppc64le",
"product": {
"name": "cosign-cli-stack-v1-4@ppc64le",
"product_id": "cosign-cli-stack-v1-4@ppc64le",
"product_identification_helper": {
"purl": "pkg:generic/cosign-cli-stack-v1-4@1.4.2?filename=cosign_linux_ppc64le.tar.gz\u0026checksum=sha256:f3a5b8bd3928810ff4cd3469bd1b2c02c5310c0e9407477ac6ba38ce3b09fbb4\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"product": {
"name": "fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"product_id": "fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"product_identification_helper": {
"purl": "pkg:generic/fetch-tsa-certs-cli-stack-v1-4@1.4.2?filename=fetch_tsa_certs_linux_ppc64le.tar.gz\u0026checksum=sha256:25f972648cb2323dba8f825580d6b2de1e88db333c6ed78ad9832a094ea5dcad\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "gitsign-cli-stack-v1-4@ppc64le",
"product": {
"name": "gitsign-cli-stack-v1-4@ppc64le",
"product_id": "gitsign-cli-stack-v1-4@ppc64le",
"product_identification_helper": {
"purl": "pkg:generic/gitsign-cli-stack-v1-4@1.4.2?filename=gitsign_cli_linux_ppc64le.tar.gz\u0026checksum=sha256:99ed9ec270447d3b009e0ecf57e71620f39868e8b56d9c9be0bf239e5f07bf39\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "model-transparency-cli-stack-v1-4@ppc64le",
"product": {
"name": "model-transparency-cli-stack-v1-4@ppc64le",
"product_id": "model-transparency-cli-stack-v1-4@ppc64le",
"product_identification_helper": {
"purl": "pkg:generic/model-transparency-cli-stack-v1-4@1.4.2?filename=model_transparency_cli_pkcs11_linux_ppc64le.tar.gz\u0026checksum=sha256:9157f1e0a3f483f544c5a8b5d72886f422d1e8111ec75131adf6ee5f6146f1f7\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "rekor-cli-stack-v1-4@ppc64le",
"product": {
"name": "rekor-cli-stack-v1-4@ppc64le",
"product_id": "rekor-cli-stack-v1-4@ppc64le",
"product_identification_helper": {
"purl": "pkg:generic/rekor-cli-stack-v1-4@1.4.2?filename=rekor_cli_linux_ppc64le.tar.gz\u0026checksum=sha256:75d28c4e81f7496b0a927a44e0fce9a766e95a8e383126ac5feb432ec501cc54\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "trillian-cli-stack-v1-4@ppc64le",
"product": {
"name": "trillian-cli-stack-v1-4@ppc64le",
"product_id": "trillian-cli-stack-v1-4@ppc64le",
"product_identification_helper": {
"purl": "pkg:generic/trillian-cli-stack-v1-4@1.4.2?filename=updatetree_linux_ppc64le.tar.gz\u0026checksum=sha256:d90e1c644c394300a3e8234a945ee1d70e09ae8c37eb7aee5a3683017c864cbc\u0026download_url=https://developers.qa.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "conforma-cli-stack-v1-4@s390x",
"product": {
"name": "conforma-cli-stack-v1-4@s390x",
"product_id": "conforma-cli-stack-v1-4@s390x",
"product_identification_helper": {
"purl": "pkg:generic/conforma-cli-stack-v1-4@1.4.2?filename=ec_linux_s390x.tar.gz\u0026checksum=sha256:ae497f4c2974c0022303a3e1815605ca5e3115d17707b9f75238e3b739fa301a\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "cosign-cli-stack-v1-4@s390x",
"product": {
"name": "cosign-cli-stack-v1-4@s390x",
"product_id": "cosign-cli-stack-v1-4@s390x",
"product_identification_helper": {
"purl": "pkg:generic/cosign-cli-stack-v1-4@1.4.2?filename=cosign_linux_s390x.tar.gz\u0026checksum=sha256:ce8878b50b0c0d3a3828635e4b1045f0bb5f6deeafc1be8fb8ee9cfd2b65fc9d\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "fetch-tsa-certs-cli-stack-v1-4@s390x",
"product": {
"name": "fetch-tsa-certs-cli-stack-v1-4@s390x",
"product_id": "fetch-tsa-certs-cli-stack-v1-4@s390x",
"product_identification_helper": {
"purl": "pkg:generic/fetch-tsa-certs-cli-stack-v1-4@1.4.2?filename=fetch_tsa_certs_linux_s390x.tar.gz\u0026checksum=sha256:f73ce30aa019d116998479b58b4cafc03b3fbca16cc47101ea3e78845146f917\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "gitsign-cli-stack-v1-4@s390x",
"product": {
"name": "gitsign-cli-stack-v1-4@s390x",
"product_id": "gitsign-cli-stack-v1-4@s390x",
"product_identification_helper": {
"purl": "pkg:generic/gitsign-cli-stack-v1-4@1.4.2?filename=gitsign_cli_linux_s390x.tar.gz\u0026checksum=sha256:bac01104b8e4c112f0dd82af9d8a4f3ca78bbfefb4f88713eac5875bbff1b28a\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "model-transparency-cli-stack-v1-4@s390x",
"product": {
"name": "model-transparency-cli-stack-v1-4@s390x",
"product_id": "model-transparency-cli-stack-v1-4@s390x",
"product_identification_helper": {
"purl": "pkg:generic/model-transparency-cli-stack-v1-4@1.4.2?filename=model_transparency_cli_pkcs11_linux_s390x.tar.gz\u0026checksum=sha256:1bd24d59d4cebf682f6780da1bbd21e53cebf5f1ac7acfcac360a37a3c06c10c\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "rekor-cli-stack-v1-4@s390x",
"product": {
"name": "rekor-cli-stack-v1-4@s390x",
"product_id": "rekor-cli-stack-v1-4@s390x",
"product_identification_helper": {
"purl": "pkg:generic/rekor-cli-stack-v1-4@1.4.2?filename=rekor_cli_linux_s390x.tar.gz\u0026checksum=sha256:7e8de71d98a483e9fd07e1c79425bd7b3909bf1ebfa2ded9663c835819f280d2\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "trillian-cli-stack-v1-4@s390x",
"product": {
"name": "trillian-cli-stack-v1-4@s390x",
"product_id": "trillian-cli-stack-v1-4@s390x",
"product_identification_helper": {
"purl": "pkg:generic/trillian-cli-stack-v1-4@1.4.2?filename=updatetree_linux_s390x.tar.gz\u0026checksum=sha256:994a0886ef2ce20919b9422a72a900e85e76817874076fb4981c00dacc73837f\u0026download_url=https://developers.qa.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "conforma-cli-stack-v1-4@amd64_windows",
"product": {
"name": "conforma-cli-stack-v1-4@amd64_windows",
"product_id": "conforma-cli-stack-v1-4@amd64_windows",
"product_identification_helper": {
"purl": "pkg:generic/conforma-cli-stack-v1-4@1.4.2?filename=ec_windows_amd64.zip\u0026checksum=sha256:08c6c5625f35891f5d902aa8e96e8081f7b8f6c331298faf124d657fe389afe1\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "cosign-cli-stack-v1-4@amd64_windows",
"product": {
"name": "cosign-cli-stack-v1-4@amd64_windows",
"product_id": "cosign-cli-stack-v1-4@amd64_windows",
"product_identification_helper": {
"purl": "pkg:generic/cosign-cli-stack-v1-4@1.4.2?filename=cosign_windows_amd64.zip\u0026checksum=sha256:6238651a35a50a6c45014f03d744c593a4d81a7b2bfc124204cd13616ff8388c\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"product": {
"name": "fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"product_id": "fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"product_identification_helper": {
"purl": "pkg:generic/fetch-tsa-certs-cli-stack-v1-4@1.4.2?filename=fetch_tsa_certs_windows_amd64.zip\u0026checksum=sha256:56491ee25bb1a67b612246bf5d4c57021d8545a3031ca010f9ccc9fc6136d2ed\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "gitsign-cli-stack-v1-4@amd64_windows",
"product": {
"name": "gitsign-cli-stack-v1-4@amd64_windows",
"product_id": "gitsign-cli-stack-v1-4@amd64_windows",
"product_identification_helper": {
"purl": "pkg:generic/gitsign-cli-stack-v1-4@1.4.2?filename=gitsign_cli_windows_amd64.zip\u0026checksum=sha256:a5760ac48ebeed01a3d3391eaa6cd91e7e2cb2854f317c07446b4599772997ff\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "model-transparency-cli-stack-v1-4@amd64_windows",
"product": {
"name": "model-transparency-cli-stack-v1-4@amd64_windows",
"product_id": "model-transparency-cli-stack-v1-4@amd64_windows",
"product_identification_helper": {
"purl": "pkg:generic/model-transparency-cli-stack-v1-4@1.4.2?filename=model_transparency_cli_windows_amd64.exe.gz\u0026checksum=sha256:ea9d1ce76fb5c7a8b2d1b6c91157a3b2c9cf021c80bcff773342e7bd7b2bdc90\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "rekor-cli-stack-v1-4@amd64_windows",
"product": {
"name": "rekor-cli-stack-v1-4@amd64_windows",
"product_id": "rekor-cli-stack-v1-4@amd64_windows",
"product_identification_helper": {
"purl": "pkg:generic/rekor-cli-stack-v1-4@1.4.2?filename=rekor_cli_windows_amd64.zip\u0026checksum=sha256:31f0e4ddf6b49ab3c8c6513a1b947ea850b8250287e0a60ac6f6abbbf0c622d9\u0026download_url=https://developers.qa.redhat.com/products"
}
}
},
{
"category": "product_version",
"name": "trillian-cli-stack-v1-4@amd64_windows",
"product": {
"name": "trillian-cli-stack-v1-4@amd64_windows",
"product_id": "trillian-cli-stack-v1-4@amd64_windows",
"product_identification_helper": {
"purl": "pkg:generic/trillian-cli-stack-v1-4@1.4.2?filename=updatetree_windows_amd64.zip\u0026checksum=sha256:98bbdfa1f5625480ecd4b2bb2e8d90e1314449b03dfd2f67feaad316cdb7a82e\u0026download_url=https://developers.qa.redhat.com/products"
}
}
}
],
"category": "architecture",
"name": "amd64_windows"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "conforma-cli-stack-v1-4@amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64"
},
"product_reference": "conforma-cli-stack-v1-4@amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conforma-cli-stack-v1-4@amd64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin"
},
"product_reference": "conforma-cli-stack-v1-4@amd64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conforma-cli-stack-v1-4@amd64_windows as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows"
},
"product_reference": "conforma-cli-stack-v1-4@amd64_windows",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conforma-cli-stack-v1-4@arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64"
},
"product_reference": "conforma-cli-stack-v1-4@arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conforma-cli-stack-v1-4@arm64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin"
},
"product_reference": "conforma-cli-stack-v1-4@arm64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conforma-cli-stack-v1-4@ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le"
},
"product_reference": "conforma-cli-stack-v1-4@ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conforma-cli-stack-v1-4@s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
},
"product_reference": "conforma-cli-stack-v1-4@s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cosign-cli-stack-v1-4@amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64"
},
"product_reference": "cosign-cli-stack-v1-4@amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cosign-cli-stack-v1-4@amd64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin"
},
"product_reference": "cosign-cli-stack-v1-4@amd64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cosign-cli-stack-v1-4@amd64_windows as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows"
},
"product_reference": "cosign-cli-stack-v1-4@amd64_windows",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cosign-cli-stack-v1-4@arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64"
},
"product_reference": "cosign-cli-stack-v1-4@arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cosign-cli-stack-v1-4@arm64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin"
},
"product_reference": "cosign-cli-stack-v1-4@arm64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cosign-cli-stack-v1-4@ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le"
},
"product_reference": "cosign-cli-stack-v1-4@ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cosign-cli-stack-v1-4@s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x"
},
"product_reference": "cosign-cli-stack-v1-4@s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fetch-tsa-certs-cli-stack-v1-4@amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64"
},
"product_reference": "fetch-tsa-certs-cli-stack-v1-4@amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fetch-tsa-certs-cli-stack-v1-4@amd64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin"
},
"product_reference": "fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fetch-tsa-certs-cli-stack-v1-4@amd64_windows as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows"
},
"product_reference": "fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fetch-tsa-certs-cli-stack-v1-4@arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64"
},
"product_reference": "fetch-tsa-certs-cli-stack-v1-4@arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fetch-tsa-certs-cli-stack-v1-4@arm64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin"
},
"product_reference": "fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fetch-tsa-certs-cli-stack-v1-4@ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le"
},
"product_reference": "fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fetch-tsa-certs-cli-stack-v1-4@s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x"
},
"product_reference": "fetch-tsa-certs-cli-stack-v1-4@s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitsign-cli-stack-v1-4@amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64"
},
"product_reference": "gitsign-cli-stack-v1-4@amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitsign-cli-stack-v1-4@amd64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin"
},
"product_reference": "gitsign-cli-stack-v1-4@amd64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitsign-cli-stack-v1-4@amd64_windows as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows"
},
"product_reference": "gitsign-cli-stack-v1-4@amd64_windows",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitsign-cli-stack-v1-4@arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64"
},
"product_reference": "gitsign-cli-stack-v1-4@arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitsign-cli-stack-v1-4@arm64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin"
},
"product_reference": "gitsign-cli-stack-v1-4@arm64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitsign-cli-stack-v1-4@ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le"
},
"product_reference": "gitsign-cli-stack-v1-4@ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gitsign-cli-stack-v1-4@s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x"
},
"product_reference": "gitsign-cli-stack-v1-4@s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "model-transparency-cli-stack-v1-4@amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64"
},
"product_reference": "model-transparency-cli-stack-v1-4@amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "model-transparency-cli-stack-v1-4@amd64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin"
},
"product_reference": "model-transparency-cli-stack-v1-4@amd64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "model-transparency-cli-stack-v1-4@amd64_windows as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows"
},
"product_reference": "model-transparency-cli-stack-v1-4@amd64_windows",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "model-transparency-cli-stack-v1-4@arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64"
},
"product_reference": "model-transparency-cli-stack-v1-4@arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "model-transparency-cli-stack-v1-4@arm64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin"
},
"product_reference": "model-transparency-cli-stack-v1-4@arm64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "model-transparency-cli-stack-v1-4@ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le"
},
"product_reference": "model-transparency-cli-stack-v1-4@ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "model-transparency-cli-stack-v1-4@s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x"
},
"product_reference": "model-transparency-cli-stack-v1-4@s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rekor-cli-stack-v1-4@amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64"
},
"product_reference": "rekor-cli-stack-v1-4@amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rekor-cli-stack-v1-4@amd64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin"
},
"product_reference": "rekor-cli-stack-v1-4@amd64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rekor-cli-stack-v1-4@amd64_windows as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows"
},
"product_reference": "rekor-cli-stack-v1-4@amd64_windows",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rekor-cli-stack-v1-4@arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64"
},
"product_reference": "rekor-cli-stack-v1-4@arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rekor-cli-stack-v1-4@arm64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin"
},
"product_reference": "rekor-cli-stack-v1-4@arm64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rekor-cli-stack-v1-4@ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le"
},
"product_reference": "rekor-cli-stack-v1-4@ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rekor-cli-stack-v1-4@s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x"
},
"product_reference": "rekor-cli-stack-v1-4@s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trillian-cli-stack-v1-4@amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64"
},
"product_reference": "trillian-cli-stack-v1-4@amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trillian-cli-stack-v1-4@amd64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin"
},
"product_reference": "trillian-cli-stack-v1-4@amd64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trillian-cli-stack-v1-4@amd64_windows as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows"
},
"product_reference": "trillian-cli-stack-v1-4@amd64_windows",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trillian-cli-stack-v1-4@arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64"
},
"product_reference": "trillian-cli-stack-v1-4@arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trillian-cli-stack-v1-4@arm64_darwin as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin"
},
"product_reference": "trillian-cli-stack-v1-4@arm64_darwin",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trillian-cli-stack-v1-4@ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le"
},
"product_reference": "trillian-cli-stack-v1-4@ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trillian-cli-stack-v1-4@s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x"
},
"product_reference": "trillian-cli-stack-v1-4@s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tuftool-cli-stack-v1-4@amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
},
"product_reference": "tuftool-cli-stack-v1-4@amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-27145",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-06-02T23:01:08.992540+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2484207"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package of `golang`. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name (SAN) entries. The certificate verification process, specifically the `VerifyHostname` function, incurs excessive computational overhead due to repeated string operations when processing these entries. This can lead to a significant performance degradation or unresponsiveness of systems validating such certificates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in the Go standard library crypto/x509 package. When verifying a TLS certificate hostname, VerifyHostname processed each DNS Subject Alternative Name (SAN) entry in a loop and repeatedly split the candidate hostname on \".\" characters. For certificates with a very large DNS SAN list, CPU use could grow quadratically with the number of SAN entries and hostname labels. Because hostname verification runs before the certificate chain is built, this overhead can occur even when the certificate is not trusted.\n\nRed Hat rates this issue as Important. It affects Red Hat products that include the Go standard library crypto/x509 code from an affected Go toolchain version (before Go 1.25.11, or from Go 1.26.0 through Go 1.26.3). Applications and container images built with a fixed Go release (1.25.11 or later, or 1.26.4 or later) are not affected. Community distributions such as Fedora are also affected.\n\nUpstream fix: Go 1.25.11 and Go 1.26.4 (GO-2026-5037).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27145"
},
{
"category": "external",
"summary": "RHBZ#2484207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2484207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27145",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27145"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27145",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27145"
},
{
"category": "external",
"summary": "https://go.dev/cl/783621",
"url": "https://go.dev/cl/783621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79694",
"url": "https://go.dev/issue/79694"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw",
"url": "https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5037",
"url": "https://pkg.go.dev/vuln/GO-2026-5037"
}
],
"release_date": "2026-06-02T22:01:36.954000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "A flaw was found in the Go standard library crypto/x509 package. When verifying a TLS certificate hostname, VerifyHostname processed each DNS Subject Alternative Name (SAN) entry in a loop and repeatedly split the candidate hostname on \".\" characters. For certificates with a very large DNS SAN list, CPU use could grow quadratically with the number of SAN entries and hostname labels. Because hostname verification runs before the certificate chain is built, this overhead can occur even when the certificate is not trusted.\n\nRed Hat rates this issue as Important. It affects Red Hat products that include the Go standard library crypto/x509 code from an affected Go toolchain version (before Go 1.25.11, or from Go 1.26.0 through Go 1.26.3). Applications and container images built with a fixed Go release (1.25.11 or later, or 1.26.4 or later) are not affected. Community distributions such as Fedora are also affected.\n\nUpstream fix: Go 1.25.11 and Go 1.26.4 (GO-2026-5037).",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries"
},
{
"cve": "CVE-2026-33811",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"discovery_date": "2026-05-07T20:01:34.913869+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467822"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net` package of Go (golang), specifically when using the `LookupCNAME` function with the `cgo` DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name (CNAME) response. This can trigger a double-free of C memory, leading to a crash and a Denial of Service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net` package, affecting applications configured to use the `cgo` DNS resolver. A remote attacker could trigger a double-free memory error by providing a very long CNAME response, leading to a crash of the vulnerable application and impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33811"
},
{
"category": "external",
"summary": "RHBZ#2467822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33811",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33811"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33811"
},
{
"category": "external",
"summary": "https://go.dev/cl/767860",
"url": "https://go.dev/cl/767860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78803",
"url": "https://go.dev/issue/78803"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4981",
"url": "https://pkg.go.dev/vuln/GO-2026-4981"
}
],
"release_date": "2026-05-07T19:41:19.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications can be configured to use the pure Go DNS resolver instead of the `cgo` DNS resolver. This can be achieved by setting the `GODEBUG` environment variable to `netdns=go`. For example, to run a Go application with this mitigation: `GODEBUG=netdns=go /path/to/your/go/application`. This change may require restarting affected applications or services to take effect. Users should verify that this change does not negatively impact DNS resolution for their specific application environment.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME"
},
{
"cve": "CVE-2026-39820",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-05-07T20:01:27.800929+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467820"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package of the Go programming language. An attacker could provide specially crafted inputs to the `ParseAddress`, `ParseAddressList`, or `ParseDate` functions. This could lead to excessive consumption of CPU and memory resources, resulting in a Denial of Service (DoS) for applications processing these inputs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the Go `net/mail` package. Applications processing untrusted email inputs via `ParseAddress`, `ParseAddressList`, or `ParseDate` functions are susceptible to excessive resource consumption, which can lead to service unavailability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39820"
},
{
"category": "external",
"summary": "RHBZ#2467820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39820",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39820"
},
{
"category": "external",
"summary": "https://go.dev/cl/759940",
"url": "https://go.dev/cl/759940"
},
{
"category": "external",
"summary": "https://go.dev/issue/78566",
"url": "https://go.dev/issue/78566"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4986",
"url": "https://pkg.go.dev/vuln/GO-2026-4986"
}
],
"release_date": "2026-05-07T19:41:19.854000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: Go net/mail: Denial of Service via crafted email inputs"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39832",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:41.402561+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/crypto/ssh/agent` allows for a security bypass when SSH keys with destination restrictions are forwarded via an SSH agent. This flaw could lead to unintended exposure of SSH keys, enabling an attacker to use the forwarded key without the specified restrictions on remote hosts. Red Hat products utilizing `golang.org/x/crypto/ssh/agent` for key forwarding may be affected if users rely on constraint extensions for limiting key usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "RHBZ#2480685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://go.dev/cl/778642",
"url": "https://go.dev/cl/778642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79435",
"url": "https://go.dev/issue/79435"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5006",
"url": "https://pkg.go.dev/vuln/GO-2026-5006"
}
],
"release_date": "2026-05-22T02:31:26.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions"
},
{
"cve": "CVE-2026-39833",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2026-05-22T04:01:35.714593+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480683"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. The NewKeyring() function, which creates an in-memory keyring, failed to enforce the ConfirmBeforeUse constraint on keys. This allowed keys configured to require user confirmation before use to perform signing operations without any prompt or indication to the user. Consequently, an attacker could potentially bypass intended security controls, leading to unauthorized cryptographic signing actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this issue as Moderate with RH CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N). A flaw was found in golang.org/x/crypto/ssh/agent where the in-memory keyring returned by NewKeyring() silently accepted SSH agent keys with the ConfirmBeforeUse constraint but did not enforce interactive confirmation before signing. Exploitation requires local access and low privileges on a system where an affected application uses NewKeyring() with ConfirmBeforeUse. Most Red Hat products that bundle golang.org/x/crypto do not use the ssh/agent ConfirmBeforeUse feature in their supported execution paths. The upstream CISA CVSS 9.1 assumes a broader network attack context that does not reflect Red Hat product deployment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "RHBZ#2480683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39833",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39833"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39833",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39833"
},
{
"category": "external",
"summary": "https://go.dev/cl/778640",
"url": "https://go.dev/cl/778640"
},
{
"category": "external",
"summary": "https://go.dev/cl/778641",
"url": "https://go.dev/cl/778641"
},
{
"category": "external",
"summary": "https://go.dev/issue/79436",
"url": "https://go.dev/issue/79436"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5005",
"url": "https://pkg.go.dev/vuln/GO-2026-5005"
}
],
"release_date": "2026-05-22T02:31:26.294000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "Update affected Go applications to use golang.org/x/crypto version 0.52.0 or later, which rejects unsupported ConfirmBeforeUse keys instead of silently ignoring the constraint. As a workaround, do not add keys with ConfirmBeforeUse to the in-memory keyring from golang.org/x/crypto/ssh/agent, or use an SSH agent implementation that correctly enforces confirm-before-use.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42151",
"cwe": {
"id": "CWE-256",
"name": "Plaintext Storage of a Password"
},
"discovery_date": "2026-05-04T19:02:26.983660+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466507"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important information disclosure flaw in Prometheus affects instances configured to use Azure AD remote write with OAuth authentication. The client secret, intended to be a secure credential, is exposed in plaintext through the `/-/config` HTTP API endpoint. This could allow an attacker with access to this endpoint to retrieve the secret, potentially compromising integrated Azure AD services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "external",
"summary": "RHBZ#2466507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466507"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18587",
"url": "https://github.com/prometheus/prometheus/pull/18587"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18590",
"url": "https://github.com/prometheus/prometheus/pull/18590"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj"
}
],
"release_date": "2026-05-04T18:12:16.917000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API"
},
{
"cve": "CVE-2026-42499",
"cwe": {
"id": "CWE-1046",
"name": "Creation of Immutable Text Using String Concatenation"
},
"discovery_date": "2026-05-07T20:00:51.685602+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467809"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `net/mail` package within the Go standard library. A remote attacker could provide specially crafted, pathological email addresses. When these malformed email addresses are parsed by the `consumePhrase` function, it can lead to excessive resource consumption due to quadratic string concatenation, resulting in a Denial of Service (DoS) condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `net/mail` package of the Go standard library. A remote attacker can exploit this flaw by sending specially crafted email addresses, leading to excessive resource consumption and a denial of service in Go applications that parse email addresses using the affected library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42499"
},
{
"category": "external",
"summary": "RHBZ#2467809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467809"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42499"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42499"
},
{
"category": "external",
"summary": "https://go.dev/cl/771520",
"url": "https://go.dev/cl/771520"
},
{
"category": "external",
"summary": "https://go.dev/issue/78987",
"url": "https://go.dev/issue/78987"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M",
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4977",
"url": "https://pkg.go.dev/vuln/GO-2026-4977"
}
],
"release_date": "2026-05-07T19:41:18.615000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/mail: golang: net/mail: Denial of Service via pathological email address parsing"
},
{
"cve": "CVE-2026-42508",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-22T04:01:49.515058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480688"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in `golang.org/x/crypto/ssh/knownhosts` allows a remote attacker to bypass security checks. This vulnerability arises because the system fails to properly verify the revocation status of a Certificate Authority (CA) `SignatureKey`. In Red Hat environments, this could enable an attacker to present a revoked key, leading to its acceptance as valid and potentially granting unauthorized access or facilitating the spoofing of legitimate entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "RHBZ#2480688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42508",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42508"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://go.dev/cl/781220",
"url": "https://go.dev/cl/781220"
},
{
"category": "external",
"summary": "https://go.dev/issue/79568",
"url": "https://go.dev/issue/79568"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5021",
"url": "https://pkg.go.dev/vuln/GO-2026-5021"
}
],
"release_date": "2026-05-22T02:31:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey"
},
{
"cve": "CVE-2026-46595",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-22T04:01:52.215134+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/crypto/ssh is vulnerable to authorization bypass when SSH server configurations rely on source-address validation alongside non-public-key authentication callbacks. An attacker with low privileges who can authenticate through such a callback path may bypass intended source-address restrictions and gain unauthorized SSH access. Red Hat impact sits in services built with affected x/crypto/ssh, including RHEL golang streams, hummingbird Go toolchains, RHACM/MCE agents, and OpenShift or Ceph components that embed Go SSH servers with mixed callback types.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "RHBZ#2480689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://go.dev/cl/781642",
"url": "https://go.dev/cl/781642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79570",
"url": "https://go.dev/issue/79570"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5023",
"url": "https://pkg.go.dev/vuln/GO-2026-5023"
}
],
"release_date": "2026-05-22T02:31:27.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T15:46:32+00:00",
"details": "The RHTAS CLI Stack images contain Red Hat Trusted Artifact Signer CLI binaries.\n\nFor details on using the CLI images, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36797"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:conforma-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:cosign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:fetch-tsa-certs-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:gitsign-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:model-transparency-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:rekor-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@amd64_windows",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@arm64_darwin",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@ppc64le",
"Red Hat Trusted Artifact Signer 1.4:trillian-cli-stack-v1-4@s390x",
"Red Hat Trusted Artifact Signer 1.4:tuftool-cli-stack-v1-4@amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation"
}
]
}
RHSA-2026:36808
Vulnerability from csaf_redhat - Published: 2026-07-08 16:06 - Updated: 2026-07-10 16:26A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x | — | ||
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le | — | ||
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x | — | ||
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64 | — | ||
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le | — | ||
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64 | — |
A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "DevWorkspace Operator 0.42.0 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "The DevWorkspace Operator extends OpenShift to provide DevWorkspace support.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:36808",
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39821",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42508",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-46595",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://redhat.atlassian.net/browse/CRW-11515",
"url": "https://redhat.atlassian.net/browse/CRW-11515"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36808.json"
}
],
"title": "Red Hat Security Advisory: DevWorkspace Operator 0.42.0 release.",
"tracking": {
"current_release_date": "2026-07-10T16:26:21+00:00",
"generator": {
"date": "2026-07-10T16:26:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:36808",
"initial_release_date": "2026-07-08T16:06:37+00:00",
"revision_history": [
{
"date": "2026-07-08T16:06:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-08T16:06:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "DevWorkspace Operator 0.42",
"product": {
"name": "DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devworkspace:0.42::el9"
}
}
}
],
"category": "product_family",
"name": "DevWorkspace Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3A273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-rhel9-operator\u0026tag=1782401674"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-operator-bundle@sha256%3A2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-operator-bundle\u0026tag=1782405692"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3Af1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9\u0026tag=1782401412"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3A0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9\u0026tag=1782400868"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3A2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44?arch=s390x\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-rhel9-operator\u0026tag=1782401674"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3A509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf?arch=s390x\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9\u0026tag=1782401412"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3A00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5?arch=s390x\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9\u0026tag=1782400868"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3Ab74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40?arch=ppc64le\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-rhel9-operator\u0026tag=1782401674"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3A77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44?arch=ppc64le\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9\u0026tag=1782401412"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3A3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e?arch=ppc64le\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9\u0026tag=1782400868"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3A71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946?arch=arm64\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-rhel9-operator\u0026tag=1782401674"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3A2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3?arch=arm64\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9\u0026tag=1782401412"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3A70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130?arch=arm64\u0026repository_url=registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9\u0026tag=1782400868"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64 as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64 as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64 as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64 as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64 as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64 as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64 as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le as a component of DevWorkspace Operator 0.42",
"product_id": "DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le",
"relates_to_product_reference": "DevWorkspace Operator 0.42"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T16:06:37+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-39821",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-05-22T16:00:52.844126+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480756"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname (for example, xn--example-.com returns example.com instead of an error). Applications that validate the ASCII form then convert to Unicode may grant access to a restricted hostname the ASCII check would have rejected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/net/idna is vulnerable to privilege escalation through incorrect Punycode label handling in ToASCII and ToUnicode. An attacker who can supply a Punycode hostname that passes an ASCII-only authorization check may have it normalized to a restricted ASCII name the application intended to block. Red Hat exposure is broad across products shipping the Go toolchain or bundling golang.org/x/net, including RHEL and RHEL-AI golang RPMs, hummingbird Go runtimes, OpenShift and ODF container builds, and Ceph/OpenShift components compiled against affected x/net versions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "RHBZ#2480756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39821",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39821"
},
{
"category": "external",
"summary": "https://go.dev/cl/767220",
"url": "https://go.dev/cl/767220"
},
{
"category": "external",
"summary": "https://go.dev/issue/78760",
"url": "https://go.dev/issue/78760"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8",
"url": "https://groups.google.com/g/golang-announce/c/iI-mYSI0lu8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5026",
"url": "https://pkg.go.dev/vuln/GO-2026-5026"
}
],
"release_date": "2026-05-22T15:01:21.462000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T16:06:37+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/net release that includes the idna correction, via updated golang or dependent package rebuilds.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing"
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T16:06:37+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T16:06:37+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T16:06:37+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-42508",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-22T04:01:49.515058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480688"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/knownhosts. This vulnerability occurs because the system did not correctly check for the revocation status of a SignatureKey belonging to a Certificate Authority (CA). A remote attacker could potentially exploit this by presenting a revoked key, leading to the system accepting it as valid. This could allow an attacker to bypass security checks and potentially gain unauthorized access or spoof legitimate entities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in `golang.org/x/crypto/ssh/knownhosts` allows a remote attacker to bypass security checks. This vulnerability arises because the system fails to properly verify the revocation status of a Certificate Authority (CA) `SignatureKey`. In Red Hat environments, this could enable an attacker to present a revoked key, leading to its acceptance as valid and potentially granting unauthorized access or facilitating the spoofing of legitimate entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "RHBZ#2480688",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480688"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42508",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42508"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42508"
},
{
"category": "external",
"summary": "https://go.dev/cl/781220",
"url": "https://go.dev/cl/781220"
},
{
"category": "external",
"summary": "https://go.dev/issue/79568",
"url": "https://go.dev/issue/79568"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5021",
"url": "https://pkg.go.dev/vuln/GO-2026-5021"
}
],
"release_date": "2026-05-22T02:31:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T16:06:37+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey"
},
{
"cve": "CVE-2026-46595",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-22T04:01:52.215134+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. Source-address validation can be skipped when an SSH server configuration uses an authentication callback type other than public key, allowing authorization bypass in misconfigured servers. This is a follow-on to incomplete coverage from the CVE-2024-45337 fix.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "golang.org/x/crypto/ssh is vulnerable to authorization bypass when SSH server configurations rely on source-address validation alongside non-public-key authentication callbacks. An attacker with low privileges who can authenticate through such a callback path may bypass intended source-address restrictions and gain unauthorized SSH access. Red Hat impact sits in services built with affected x/crypto/ssh, including RHEL golang streams, hummingbird Go toolchains, RHACM/MCE agents, and OpenShift or Ceph components that embed Go SSH servers with mixed callback types.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"known_not_affected": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "RHBZ#2480689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46595"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46595"
},
{
"category": "external",
"summary": "https://go.dev/cl/781642",
"url": "https://go.dev/cl/781642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79570",
"url": "https://go.dev/issue/79570"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5023",
"url": "https://pkg.go.dev/vuln/GO-2026-5023"
}
],
"release_date": "2026-05-22T02:31:27.894000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-08T16:06:37+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:36808"
},
{
"category": "workaround",
"details": "Upgrade to a fixed golang.org/x/crypto/ssh release via updated golang or package rebuilds. Ensure SSH servers use supported public-key callback configurations with source-address validation as intended.",
"product_ids": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:2a263321d0db82af2c030c7035349d3b42378fb3b03c3e58c0553ce68217581b_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:2a99aac71cd2c5ac53e26817eb8e1df65e417ebbc0fce30b05905f022df9dda3_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:509841df7c98e3d55c85e44dce9d1b235ab9ad80fa0ec82fdfc9a3562e4effbf_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:77e0a72e35af25a60b202082ada3e61d80d0be7e24ea3b0c374541c93d25da44_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:f1d6822065c055040bf9017047ea4afd874c33ccbfa3c4e5854655419f58dd8e_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:00c7568ee3e388839b7777dab379ac6ecf3c5bc7bdeec2562417f88f862b80b5_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:0ba88226a4c28d5caab277cbddac90e8782bd9b77a87c2253b5933730fda57f2_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:3d0cf855d29d897af3f55066f0882b844402d43c29ede0401336e00d8e09806e_ppc64le",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:70d9351eb4156abab69dd5001020cf9a90731d25a2677069c85788c6f41d2130_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:273e029b1618235c7c4ea103d09da99dac8d2803c9be4b5754f1f251563fce27_amd64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:2f577d0458bb4af7eb00dc937cac08023c2de0fca74e31fc2c2725cc4cc26a44_s390x",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:71f0ecbb31045e41063e781e2cf03737e8878c49b27366103ff15b7a95e8e946_arm64",
"DevWorkspace Operator 0.42:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:b74935a50eddbd0bfa65b9cd7546c73fadc9267f867adcdaa0cbf8c32b6b4e40_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation"
}
]
}
RHSA-2026:37268
Vulnerability from csaf_redhat - Published: 2026-07-09 11:41 - Updated: 2026-07-10 16:26A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.4.2 release of Red Hat Trusted Artifact Signer OpenShift Operator.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS Operator can be used with OpenShift Container Platform 4.17, 4.18, 4.19, 4.20, 4.21, 4.22",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:37268",
"url": "https://access.redhat.com/errata/RHSA-2026:37268"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_37268.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.4.2 - Red Hat Trusted Artifact Signer Release",
"tracking": {
"current_release_date": "2026-07-10T16:26:15+00:00",
"generator": {
"date": "2026-07-10T16:26:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:37268",
"initial_release_date": "2026-07-09T11:41:11+00:00",
"revision_history": [
{
"date": "2026-07-09T11:41:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-09T11:41:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.4",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"product": {
"name": "registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"product_id": "registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ctlog-monitor-rhel9@sha256%3A4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/ctlog-monitor-rhel9\u0026tag=1783330572"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64",
"product": {
"name": "registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64",
"product_id": "registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rekor-monitor-rhel9@sha256%3A3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/rekor-monitor-rhel9\u0026tag=1783330572"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64"
},
"product_reference": "registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
},
"product_reference": "registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:41:11+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37268"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:41:11+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37268"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:41:11+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37268"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:41:11+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37268"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/ctlog-monitor-rhel9@sha256:4502f26fff1b13763ddb7a6cc66a81cab407589b75409b2c5455c12bc2643517_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-monitor-rhel9@sha256:3d551907e5a5b7fe8ca110d273a02f60296dbc3ca512af3a80715e9cfc4477e8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
}
]
}
RHSA-2026:37271
Vulnerability from csaf_redhat - Published: 2026-07-09 11:43 - Updated: 2026-07-10 16:26A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh/agent. The NewKeyring() function, which creates an in-memory keyring, failed to enforce the ConfirmBeforeUse constraint on keys. This allowed keys configured to require user confirmation before use to perform signing operations without any prompt or indication to the user. Consequently, an attacker could potentially bypass intended security controls, leading to unauthorized cryptographic signing actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64 | — |
Workaround
|
A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.4.2 release of Red Hat Trusted Artifact Signer OpenShift Operator.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS Operator can be used with OpenShift Container Platform 4.17, 4.18, 4.19, 4.20, 4.21, 4.22",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:37271",
"url": "https://access.redhat.com/errata/RHSA-2026:37271"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39832",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39833",
"url": "https://access.redhat.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42151",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_37271.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.4.2 - Red Hat Trusted Artifact Signer Release",
"tracking": {
"current_release_date": "2026-07-10T16:26:16+00:00",
"generator": {
"date": "2026-07-10T16:26:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:37271",
"initial_release_date": "2026-07-09T11:43:07+00:00",
"revision_history": [
{
"date": "2026-07-09T11:43:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-09T11:43:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.4",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"product": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"product_id": "registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cosign-rhel9@sha256%3A4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/cosign-rhel9\u0026tag=1783330691"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"product": {
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"product_id": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fetch-tsa-certs-rhel9@sha256%3Af8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/fetch-tsa-certs-rhel9\u0026tag=1783326690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"product": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"product_id": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitsign-rhel9@sha256%3A4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/gitsign-rhel9\u0026tag=1783332061"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"product": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"product_id": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rekor-cli-rhel9@sha256%3A0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/rekor-cli-rhel9\u0026tag=1783332625"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"product": {
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"product_id": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/updatetree-rhel9@sha256%3A3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/updatetree-rhel9\u0026tag=1783329793"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"product": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"product_id": "registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cosign-rhel9@sha256%3A15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4?arch=arm64\u0026repository_url=registry.redhat.io/rhtas/cosign-rhel9\u0026tag=1783330691"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"product": {
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"product_id": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fetch-tsa-certs-rhel9@sha256%3A74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c?arch=arm64\u0026repository_url=registry.redhat.io/rhtas/fetch-tsa-certs-rhel9\u0026tag=1783326690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"product": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"product_id": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitsign-rhel9@sha256%3Af9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75?arch=arm64\u0026repository_url=registry.redhat.io/rhtas/gitsign-rhel9\u0026tag=1783332061"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"product": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"product_id": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rekor-cli-rhel9@sha256%3A4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e?arch=arm64\u0026repository_url=registry.redhat.io/rhtas/rekor-cli-rhel9\u0026tag=1783332625"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64",
"product": {
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64",
"product_id": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64",
"product_identification_helper": {
"purl": "pkg:oci/updatetree-rhel9@sha256%3Ad034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582?arch=arm64\u0026repository_url=registry.redhat.io/rhtas/updatetree-rhel9\u0026tag=1783329793"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"product": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"product_id": "registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cosign-rhel9@sha256%3Af8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef?arch=ppc64le\u0026repository_url=registry.redhat.io/rhtas/cosign-rhel9\u0026tag=1783330691"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"product": {
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"product_id": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fetch-tsa-certs-rhel9@sha256%3A55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac?arch=ppc64le\u0026repository_url=registry.redhat.io/rhtas/fetch-tsa-certs-rhel9\u0026tag=1783326690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"product": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"product_id": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitsign-rhel9@sha256%3A7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098?arch=ppc64le\u0026repository_url=registry.redhat.io/rhtas/gitsign-rhel9\u0026tag=1783332061"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"product": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"product_id": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rekor-cli-rhel9@sha256%3Aad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhtas/rekor-cli-rhel9\u0026tag=1783332625"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"product": {
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"product_id": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/updatetree-rhel9@sha256%3A01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhtas/updatetree-rhel9\u0026tag=1783329793"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"product": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"product_id": "registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cosign-rhel9@sha256%3Ae1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae?arch=s390x\u0026repository_url=registry.redhat.io/rhtas/cosign-rhel9\u0026tag=1783330691"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"product": {
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"product_id": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fetch-tsa-certs-rhel9@sha256%3Ac9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b?arch=s390x\u0026repository_url=registry.redhat.io/rhtas/fetch-tsa-certs-rhel9\u0026tag=1783326690"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"product": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"product_id": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitsign-rhel9@sha256%3Ace50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2?arch=s390x\u0026repository_url=registry.redhat.io/rhtas/gitsign-rhel9\u0026tag=1783332061"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"product": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"product_id": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rekor-cli-rhel9@sha256%3A0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583?arch=s390x\u0026repository_url=registry.redhat.io/rhtas/rekor-cli-rhel9\u0026tag=1783332625"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"product": {
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"product_id": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/updatetree-rhel9@sha256%3A205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e?arch=s390x\u0026repository_url=registry.redhat.io/rhtas/updatetree-rhel9\u0026tag=1783329793"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64"
},
"product_reference": "registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64"
},
"product_reference": "registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x"
},
"product_reference": "registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le"
},
"product_reference": "registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le"
},
"product_reference": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64"
},
"product_reference": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x"
},
"product_reference": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64"
},
"product_reference": "registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64"
},
"product_reference": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le"
},
"product_reference": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x"
},
"product_reference": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64"
},
"product_reference": "registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x"
},
"product_reference": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64"
},
"product_reference": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64"
},
"product_reference": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
},
"product_reference": "registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le"
},
"product_reference": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x"
},
"product_reference": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64"
},
"product_reference": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
},
"product_reference": "registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:07+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37271"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:07+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37271"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:07+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37271"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39832",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:41.402561+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the unrestricted use of the key on the remote host. This vulnerability could enable an attacker to bypass intended security controls and perform unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in `golang.org/x/crypto/ssh/agent` allows for a security bypass when SSH keys with destination restrictions are forwarded via an SSH agent. This flaw could lead to unintended exposure of SSH keys, enabling an attacker to use the forwarded key without the specified restrictions on remote hosts. Red Hat products utilizing `golang.org/x/crypto/ssh/agent` for key forwarding may be affected if users rely on constraint extensions for limiting key usage.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "RHBZ#2480685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39832",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39832"
},
{
"category": "external",
"summary": "https://go.dev/cl/778642",
"url": "https://go.dev/cl/778642"
},
{
"category": "external",
"summary": "https://go.dev/issue/79435",
"url": "https://go.dev/issue/79435"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5006",
"url": "https://pkg.go.dev/vuln/GO-2026-5006"
}
],
"release_date": "2026-05-22T02:31:26.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:07+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37271"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions"
},
{
"cve": "CVE-2026-39833",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2026-05-22T04:01:35.714593+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480683"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh/agent. The NewKeyring() function, which creates an in-memory keyring, failed to enforce the ConfirmBeforeUse constraint on keys. This allowed keys configured to require user confirmation before use to perform signing operations without any prompt or indication to the user. Consequently, an attacker could potentially bypass intended security controls, leading to unauthorized cryptographic signing actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this issue as Moderate with RH CVSS 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N). A flaw was found in golang.org/x/crypto/ssh/agent where the in-memory keyring returned by NewKeyring() silently accepted SSH agent keys with the ConfirmBeforeUse constraint but did not enforce interactive confirmation before signing. Exploitation requires local access and low privileges on a system where an affected application uses NewKeyring() with ConfirmBeforeUse. Most Red Hat products that bundle golang.org/x/crypto do not use the ssh/agent ConfirmBeforeUse feature in their supported execution paths. The upstream CISA CVSS 9.1 assumes a broader network attack context that does not reflect Red Hat product deployment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "RHBZ#2480683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39833",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39833"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39833",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39833"
},
{
"category": "external",
"summary": "https://go.dev/cl/778640",
"url": "https://go.dev/cl/778640"
},
{
"category": "external",
"summary": "https://go.dev/cl/778641",
"url": "https://go.dev/cl/778641"
},
{
"category": "external",
"summary": "https://go.dev/issue/79436",
"url": "https://go.dev/issue/79436"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5005",
"url": "https://pkg.go.dev/vuln/GO-2026-5005"
}
],
"release_date": "2026-05-22T02:31:26.294000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:07+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37271"
},
{
"category": "workaround",
"details": "Update affected Go applications to use golang.org/x/crypto version 0.52.0 or later, which rejects unsupported ConfirmBeforeUse keys instead of silently ignoring the constraint. As a workaround, do not add keys with ConfirmBeforeUse to the in-memory keyring from golang.org/x/crypto/ssh/agent, or use an SSH agent implementation that correctly enforces confirm-before-use.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:07+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37271"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42151",
"cwe": {
"id": "CWE-256",
"name": "Plaintext Storage of a Password"
},
"discovery_date": "2026-05-04T19:02:26.983660+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466507"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important information disclosure flaw in Prometheus affects instances configured to use Azure AD remote write with OAuth authentication. The client secret, intended to be a secure credential, is exposed in plaintext through the `/-/config` HTTP API endpoint. This could allow an attacker with access to this endpoint to retrieve the secret, potentially compromising integrated Azure AD services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "external",
"summary": "RHBZ#2466507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466507"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18587",
"url": "https://github.com/prometheus/prometheus/pull/18587"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18590",
"url": "https://github.com/prometheus/prometheus/pull/18590"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj"
}
],
"release_date": "2026-05-04T18:12:16.917000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:07+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37271"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:15a1e1d82e2ac631cb5bd6aa420fad3f7e52c414d4efba2d642ace24c5b9f3b4_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:4a1174f4cdc367db08f99ccb9586bf0ff8faa47c3360482b4fb33e75588b53eb_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:e1b929b778eb5dc42b81c18cf1cab4a989ec9124de99dbabdaaec8f0531b41ae_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/cosign-rhel9@sha256:f8a19541958467e3f1aa9ddd2868f20ce7cb760581c3c965941bedade78058ef_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:55bf157183d6a9df8032ca0ab62c418a3cc8b591b1a26a193c5eed36bebd01ac_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:74f364bbf2fe939ce8a02f19afd8f43aa2478090c99067add41b6aff004fda4c_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:c9094568f2e694d6a3c7b0162f3b68a2ef9d2f299efce735afc582f66a27130b_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fetch-tsa-certs-rhel9@sha256:f8b01d3f2d6400b4208d80d8b66eab7b1f4ec2cd4dcdef06552c3d05db0e896e_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:4f95c088ef66165779e4b2d5ba89cf2594dd0d837bb707350712dc13b8a27c90_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:7c443c3f2c72d1c3cd6ce6cde49a3b781a1b6336bd9b2d974cd69cdfa4c94098_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:ce50f18c962fc813d635461aa9e9bc4fdbf7e8236731caa49b05c1770465cac2_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/gitsign-rhel9@sha256:f9877376bb17567472e84a42ce27273ec3c537103a58d3ff5b616da1b9c18b75_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0187f0248ce7d219797450636bedd086e14ee6932e676bb51d35592306965583_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:0ef106aebc41f050e4833a546a4259c877f3852b94ee914c16a6d646c82d6ec2_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:4565fb543e312c3d113f415fe7d59267086c16a98d8567d2094aed58ff63586e_arm64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-cli-rhel9@sha256:ad6c77b11bdde5dcd5bdddcedfea9f0422e3b685fbf224165a20605b1882d8fc_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:01024a46eac2bb846cee776132a6ce78a69fdc9dfe75df7a0fb379bed6444db1_ppc64le",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:205ef0889fb950e337a07d793cec8cbdfd713c4190ddb374f8c2a6206506a66e_s390x",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:3a7241f722dbbc7f3bc86cfb15cf2b0d96738ad60ad49dbb0b413c524d50013f_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/updatetree-rhel9@sha256:d034bb82bde1eafe676ce11295bcac3a1e653cab1aa0eb1c61e494b8069f1582_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API"
}
]
}
RHSA-2026:37272
Vulnerability from csaf_redhat - Published: 2026-07-09 11:43 - Updated: 2026-07-10 16:26A flaw was found in image-size. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by supplying specially crafted JXL, HEIF, or JP2 image files that contain zero-sized boxes. The `findBox` function, responsible for image validation, enters an infinite loop when processing these malicious files, leading to an application hang. This can disrupt the availability of services relying on the image-size component.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
A flaw was found in devalue, a JavaScript library used for serializing values. Due to quirks in some JavaScript engines, the `devalue.parse` function could be exploited by a remote attacker when deserializing specially crafted sparse arrays. This could lead to excessive memory consumption, resulting in a Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
A flaw was found in Next.js. Applications utilizing the Pages Router with internationalization (i18n) configured and middleware or proxy-based authorization are susceptible to unauthorized access. A remote attacker can exploit this by making locale-less /_next/data/<buildId>/<page>.json requests, which bypass the intended authorization checks. This allows the attacker to retrieve sensitive server-side rendered (SSR) JSON data from protected pages, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in Next.js. This vulnerability allows an attacker to bypass security checks in web applications that use Next.js middleware to protect specific web pages. By sending specially crafted web addresses, an attacker can access protected content without proper authorization. This could lead to unauthorized viewing of sensitive information or access to restricted features.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in Next.js. App Router applications that use middleware or proxy-based authorization checks are vulnerable to unauthorized access. A remote attacker can exploit this by crafting specific .rsc and segment-prefetch URLs, which bypass the intended middleware rules. This allows access to protected content without proper authorization.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in Next.js. When self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. A remote attacker could exploit this by requesting large local assets from the /_next/image endpoint. This can lead to out-of-memory conditions, resulting in a Denial of Service (DoS) for the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in Next.js. Self-hosted applications utilizing the built-in Node.js server are vulnerable to Server-Side Request Forgery (SSRF) through specially crafted WebSocket upgrade requests. A remote attacker can exploit this by causing the server to proxy requests to arbitrary internal or external destinations. This could lead to the exposure of internal services or sensitive cloud metadata endpoints.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in Next.js. Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A remote attacker can send crafted POST requests to a server action, triggering a request-body handling deadlock. This leaves connections open, consuming server resources and ultimately leading to a Denial of Service (DoS) for legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in Next.js. A remote unauthenticated attacker could exploit a bypass in a security fix when using middleware.ts with Turbopack. This vulnerability could lead to the disclosure of sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
A flaw was found in ws, an open source WebSocket client and server for Node.js. The `websocket.close()` implementation is vulnerable to uninitialized memory disclosure when a `TypedArray` is passed as the reason argument. This can lead to the disclosure of sensitive information from uninitialized memory.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — | ||
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
A flaw was found in ws, an open source WebSocket client and server. A remote attacker can exploit this memory exhaustion vulnerability by sending a high volume of exceptionally small fragments and data chunks. This action forces the affected component to allocate and hold structural wrappers that consume excessive memory. Consequently, this leads to process termination and a denial of service (DoS) for the remote peer.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The 1.4.2 release of Red Hat Trusted Artifact Signer OpenShift Operator.\nFor more details please visit the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4",
"title": "Topic"
},
{
"category": "general",
"text": "The RHTAS Operator can be used with OpenShift Container Platform 4.17, 4.18, 4.19, 4.20, 4.21, 4.22",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:37272",
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-71319",
"url": "https://access.redhat.com/security/cve/CVE-2025-71319"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39828",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39829",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39830",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39835",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42151",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-42570",
"url": "https://access.redhat.com/security/cve/CVE-2026-42570"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44573",
"url": "https://access.redhat.com/security/cve/CVE-2026-44573"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44574",
"url": "https://access.redhat.com/security/cve/CVE-2026-44574"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44575",
"url": "https://access.redhat.com/security/cve/CVE-2026-44575"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44577",
"url": "https://access.redhat.com/security/cve/CVE-2026-44577"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44578",
"url": "https://access.redhat.com/security/cve/CVE-2026-44578"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44579",
"url": "https://access.redhat.com/security/cve/CVE-2026-44579"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-45109",
"url": "https://access.redhat.com/security/cve/CVE-2026-45109"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-45736",
"url": "https://access.redhat.com/security/cve/CVE-2026-45736"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48779",
"url": "https://access.redhat.com/security/cve/CVE-2026-48779"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_37272.json"
}
],
"title": "Red Hat Security Advisory: RHTAS 1.4.2 - Red Hat Trusted Artifact Signer Release",
"tracking": {
"current_release_date": "2026-07-10T16:26:16+00:00",
"generator": {
"date": "2026-07-10T16:26:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.2"
}
},
"id": "RHSA-2026:37272",
"initial_release_date": "2026-07-09T11:43:10+00:00",
"revision_history": [
{
"date": "2026-07-09T11:43:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-09T11:43:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-10T16:26:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Trusted Artifact Signer 1.4",
"product": {
"name": "Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:trusted_artifact_signer:1.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Trusted Artifact Signer"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"product": {
"name": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"product_id": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rekor-backfill-redis-rhel9@sha256%3Ac34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/rekor-backfill-redis-rhel9\u0026tag=1783332625"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"product": {
"name": "registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"product_id": "registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/certificate-transparency-rhel9@sha256%3A428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/certificate-transparency-rhel9\u0026tag=1783326748"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"product": {
"name": "registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"product_id": "registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"product_identification_helper": {
"purl": "pkg:oci/trillian-database-rhel9@sha256%3Ab5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/trillian-database-rhel9\u0026tag=1783329793"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"product": {
"name": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"product_id": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fulcio-rhel9@sha256%3A9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/fulcio-rhel9\u0026tag=1783326847"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"product": {
"name": "registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"product_id": "registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/trillian-logserver-rhel9@sha256%3A6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/trillian-logserver-rhel9\u0026tag=1783329793"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"product": {
"name": "registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"product_id": "registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/trillian-logsigner-rhel9@sha256%3A613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/trillian-logsigner-rhel9\u0026tag=1783329793"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64",
"product": {
"name": "registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64",
"product_id": "registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/trillian-redis-rhel9@sha256%3Afd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/trillian-redis-rhel9\u0026tag=1783329793"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"product": {
"name": "registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"product_id": "registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rekor-search-ui-rhel9@sha256%3Ac0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/rekor-search-ui-rhel9\u0026tag=1783327185"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"product": {
"name": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"product_id": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rekor-server-rhel9@sha256%3A938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/rekor-server-rhel9\u0026tag=1783332625"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"product": {
"name": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"product_id": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/timestamp-authority-rhel9@sha256%3A5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf?arch=amd64\u0026repository_url=registry.redhat.io/rhtas/timestamp-authority-rhel9\u0026tag=1783326690"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64"
},
"product_reference": "registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64"
},
"product_reference": "registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64"
},
"product_reference": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
},
"product_reference": "registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64"
},
"product_reference": "registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64"
},
"product_reference": "registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64"
},
"product_reference": "registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64"
},
"product_reference": "registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64"
},
"product_reference": "registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64 as a component of Red Hat Trusted Artifact Signer 1.4",
"product_id": "Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
},
"product_reference": "registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64",
"relates_to_product_reference": "Red Hat Trusted Artifact Signer 1.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-71319",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2026-06-09T21:01:11.339286+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487296"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in image-size. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by supplying specially crafted JXL, HEIF, or JP2 image files that contain zero-sized boxes. The `findBox` function, responsible for image validation, enters an infinite loop when processing these malicious files, leading to an application hang. This can disrupt the availability of services relying on the image-size component.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "image-size: image-size: Denial of Service due to infinite loop when processing specially crafted images.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `image-size` component, which can be triggered remotely by processing specially crafted JXL, HEIF, or JP2 image files containing zero-sized boxes. This flaw can lead to an application hang due to an infinite loop in the `findBox` function, impacting the availability of services that rely on this image processing library within Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-71319"
},
{
"category": "external",
"summary": "RHBZ#2487296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-71319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-71319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71319"
},
{
"category": "external",
"summary": "https://github.com/image-size/image-size/security/advisories/GHSA-m5qc-5hw7-8vg7",
"url": "https://github.com/image-size/image-size/security/advisories/GHSA-m5qc-5hw7-8vg7"
},
{
"category": "external",
"summary": "https://www.vulncheck.com/advisories/image-size-denial-of-service-via-infinite-loop-in-findbox-function",
"url": "https://www.vulncheck.com/advisories/image-size-denial-of-service-via-infinite-loop-in-findbox-function"
}
],
"release_date": "2026-06-09T19:57:16.125000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "image-size: image-size: Denial of Service due to infinite loop when processing specially crafted images."
},
{
"cve": "CVE-2026-39828",
"cwe": {
"id": "CWE-281",
"name": "Improper Preservation of Permissions"
},
"discovery_date": "2026-05-22T04:01:46.775641+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate restrictions, such as a force-command, after a second authentication factor succeeded. This could lead to unauthorized command execution or access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important security flaw in the `golang.org/x/crypto/ssh` library. When an SSH server utilizing this library is configured with specific authentication callbacks that return a `PartialSuccessError` with non-nil permissions, an attacker could bypass intended certificate restrictions, such as `force-command`. This bypass could lead to unauthorized command execution or access on affected Red Hat systems configured with multi-factor authentication and certificate-based access controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "RHBZ#2480687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39828",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39828"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39828"
},
{
"category": "external",
"summary": "https://go.dev/cl/781621",
"url": "https://go.dev/cl/781621"
},
{
"category": "external",
"summary": "https://go.dev/issue/79562",
"url": "https://go.dev/issue/79562"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5014",
"url": "https://pkg.go.dev/vuln/GO-2026-5014"
}
],
"release_date": "2026-05-22T02:31:26.883000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions"
},
{
"cve": "CVE-2026-39829",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-22T04:01:30.092249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. The RSA and DSA public key parsers in the affected component did not enforce size limits on key parameters. This vulnerability allows an unauthenticated client to provide a crafted public key with an excessively large modulus or DSA parameter during public key authentication. Successful exploitation could lead to a denial of service (DoS) due to prolonged CPU consumption during signature verification.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in golang.org/x/crypto/ssh is rated as Important. An unauthenticated remote attacker could trigger a denial of service by providing a specially crafted public key with excessively large parameters during SSH public key authentication. This could lead to prolonged CPU consumption on the server, impacting service availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "RHBZ#2480681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39829",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39829"
},
{
"category": "external",
"summary": "https://go.dev/cl/781641",
"url": "https://go.dev/cl/781641"
},
{
"category": "external",
"summary": "https://go.dev/cl/781661",
"url": "https://go.dev/cl/781661"
},
{
"category": "external",
"summary": "https://go.dev/issue/79565",
"url": "https://go.dev/issue/79565"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5018",
"url": "https://pkg.go.dev/vuln/GO-2026-5018"
}
],
"release_date": "2026-05-22T02:31:27.324000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters"
},
{
"cve": "CVE-2026-39830",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-05-22T04:01:38.517202+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480684"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection\u0027s read loop. This prevents the associated resources from being released, leading to a resource leak per connection. The consequence is a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh`. A remote, unauthenticated attacker can exploit this vulnerability by sending unsolicited global request responses to an affected SSH server, leading to resource exhaustion and a denial of service. The impact is considered Important due to the potential for unauthenticated remote disruption of services utilizing the vulnerable SSH library.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "RHBZ#2480684",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480684"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39830",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39830"
},
{
"category": "external",
"summary": "https://go.dev/cl/781640",
"url": "https://go.dev/cl/781640"
},
{
"category": "external",
"summary": "https://go.dev/cl/781664",
"url": "https://go.dev/cl/781664"
},
{
"category": "external",
"summary": "https://go.dev/issue/79564",
"url": "https://go.dev/issue/79564"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5017",
"url": "https://pkg.go.dev/vuln/GO-2026-5017"
}
],
"release_date": "2026-05-22T02:31:27.208000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "To mitigate this denial of service vulnerability, restrict network access to any service that utilizes the `golang.org/x/crypto/ssh` library and is exposed to untrusted networks. Implement firewall rules to allow connections only from trusted hosts or networks. This action limits the ability of malicious peers to send unsolicited global request responses. A restart of the affected service may be necessary for the new network rules to be applied effectively.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses"
},
{
"cve": "CVE-2026-39835",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2026-05-22T04:01:27.279943+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480680"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/crypto/ssh. SSH servers configured to use CertChecker as a public key callback, without explicitly setting IsUserAuthority or IsHostAuthority, are vulnerable. A remote attacker can exploit this by presenting a specially crafted certificate, causing the server to panic and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in `golang.org/x/crypto/ssh` affecting SSH servers that utilize `CertChecker` as a public key callback without explicitly configuring `IsUserAuthority` or `IsHostAuthority`. A remote, unauthenticated attacker can trigger a server panic by presenting a specially crafted certificate, leading to service disruption. Exploitation requires a specific, non-default configuration of the `CertChecker`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "RHBZ#2480680",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480680"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39835",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39835"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39835"
},
{
"category": "external",
"summary": "https://go.dev/cl/781660",
"url": "https://go.dev/cl/781660"
},
{
"category": "external",
"summary": "https://go.dev/issue/79563",
"url": "https://go.dev/issue/79563"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI",
"url": "https://groups.google.com/g/golang-announce/c/a082jnz-LvI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-5015",
"url": "https://pkg.go.dev/vuln/GO-2026-5015"
}
],
"release_date": "2026-05-22T02:31:26.982000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: golang: golang.org/x/crypto/ssh: Denial of Service via crafted SSH certificate"
},
{
"cve": "CVE-2026-42151",
"cwe": {
"id": "CWE-256",
"name": "Plaintext Storage of a Password"
},
"discovery_date": "2026-05-04T19:02:26.983660+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466507"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Prometheus, an open-source monitoring system. The `client_secret` field within the Azure Active Directory (AD) remote write OAuth configuration was incorrectly handled as a plain string instead of a secure Secret type. This misconfiguration allowed any user or process with access to the `/-/config` HTTP API endpoint to view the Azure OAuth client secret in plaintext. This vulnerability leads to information disclosure, potentially compromising the security of integrated Azure AD services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important information disclosure flaw in Prometheus affects instances configured to use Azure AD remote write with OAuth authentication. The client secret, intended to be a secure credential, is exposed in plaintext through the `/-/config` HTTP API endpoint. This could allow an attacker with access to this endpoint to retrieve the secret, potentially compromising integrated Azure AD services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42151"
},
{
"category": "external",
"summary": "RHBZ#2466507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466507"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42151"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18587",
"url": "https://github.com/prometheus/prometheus/pull/18587"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/pull/18590",
"url": "https://github.com/prometheus/prometheus/pull/18590"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.11.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3",
"url": "https://github.com/prometheus/prometheus/releases/tag/v3.5.3"
},
{
"category": "external",
"summary": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj",
"url": "https://github.com/prometheus/prometheus/security/advisories/GHSA-wg65-39gg-5wfj"
}
],
"release_date": "2026-05-04T18:12:16.917000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/prometheus/prometheus: Prometheus: Information disclosure of Azure OAuth client secret via config API"
},
{
"cve": "CVE-2026-42570",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-09T17:01:16.012124+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2487050"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in devalue, a JavaScript library used for serializing values. Due to quirks in some JavaScript engines, the `devalue.parse` function could be exploited by a remote attacker when deserializing specially crafted sparse arrays. This could lead to excessive memory consumption, resulting in a Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "devalue: devalue: Excessive memory consumption via deserialization of sparse arrays",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42570"
},
{
"category": "external",
"summary": "RHBZ#2487050",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2487050"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42570",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42570"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42570",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42570"
},
{
"category": "external",
"summary": "https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d",
"url": "https://github.com/sveltejs/devalue/commit/206ca6712fbc380a4571c59de9ab04b91110792d"
},
{
"category": "external",
"summary": "https://github.com/sveltejs/devalue/releases/tag/v5.8.1",
"url": "https://github.com/sveltejs/devalue/releases/tag/v5.8.1"
},
{
"category": "external",
"summary": "https://github.com/sveltejs/devalue/security/advisories/GHSA-77vg-94rm-hx3p",
"url": "https://github.com/sveltejs/devalue/security/advisories/GHSA-77vg-94rm-hx3p"
}
],
"release_date": "2026-06-09T16:12:26.377000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "devalue: devalue: Excessive memory consumption via deserialization of sparse arrays"
},
{
"cve": "CVE-2026-44573",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-05-13T18:01:50.343509+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477199"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. Applications utilizing the Pages Router with internationalization (i18n) configured and middleware or proxy-based authorization are susceptible to unauthorized access. A remote attacker can exploit this by making locale-less /_next/data/\u003cbuildId\u003e/\u003cpage\u003e.json requests, which bypass the intended authorization checks. This allows the attacker to retrieve sensitive server-side rendered (SSR) JSON data from protected pages, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Information disclosure due to middleware bypass in Pages Router with i18n",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in Next.js applications allows unauthorized access to sensitive server-side rendered (SSR) JSON data by bypassing middleware authorization checks. This occurs when applications use the Pages Router with internationalization (i18n) and middleware or proxy-based authorization, enabling remote attackers to retrieve protected page data through locale-less requests.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44573"
},
{
"category": "external",
"summary": "RHBZ#2477199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44573",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44573"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5"
}
],
"release_date": "2026-05-13T16:48:16.218000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Information disclosure due to middleware bypass in Pages Router with i18n"
},
{
"cve": "CVE-2026-44574",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-05-13T18:02:21.088167+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477207"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. This vulnerability allows an attacker to bypass security checks in web applications that use Next.js middleware to protect specific web pages. By sending specially crafted web addresses, an attacker can access protected content without proper authorization. This could lead to unauthorized viewing of sensitive information or access to restricted features.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Next.js: Next.js: Authorization bypass via crafted query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important authorization bypass flaw in Next.js applications, which are utilized in Red Hat AMQ, Red Hat Trusted Artifact Signer, and Red Hat Enterprise Linux AI. The vulnerability arises when applications use Next.js middleware to protect dynamic routes, allowing attackers to access restricted content by manipulating query parameters. This bypass occurs because specially crafted parameters can alter the route value seen by the page while the visible path remains unchanged, circumventing intended security controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44574"
},
{
"category": "external",
"summary": "RHBZ#2477207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44574",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44574"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44574",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44574"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv"
}
],
"release_date": "2026-05-13T16:56:06.008000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Next.js: Next.js: Authorization bypass via crafted query parameters"
},
{
"cve": "CVE-2026-44575",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-05-13T18:01:17.168356+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477188"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. App Router applications that use middleware or proxy-based authorization checks are vulnerable to unauthorized access. A remote attacker can exploit this by crafting specific .rsc and segment-prefetch URLs, which bypass the intended middleware rules. This allows access to protected content without proper authorization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Unauthorized access to protected content via middleware bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Next.js App Router applications that utilize middleware or proxy-based authorization. A remote attacker can bypass these security checks by crafting specific URLs, leading to unauthorized access to protected content. This is due to transport-specific route variants used for segment prefetching not being consistently matched by middleware rules.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44575"
},
{
"category": "external",
"summary": "RHBZ#2477188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477188"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44575",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44575"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44575",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44575"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f"
}
],
"release_date": "2026-05-13T16:54:39.455000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Unauthorized access to protected content via middleware bypass"
},
{
"cve": "CVE-2026-44577",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T18:01:35.713847+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. When self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. A remote attacker could exploit this by requesting large local assets from the /_next/image endpoint. This can lead to out-of-memory conditions, resulting in a Denial of Service (DoS) for the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Next.js: Next.js: Denial of Service via Image Optimization API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Next.js affects self-hosted applications utilizing the default image loader. A remote attacker can trigger a denial of service by requesting large local image assets, leading to out-of-memory conditions. This vulnerability is present when `images.localPatterns` is configured to allow all patterns by default, and is not applicable when using Vercel, a custom image loader, or `images.unoptimized: true`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44577"
},
{
"category": "external",
"summary": "RHBZ#2477194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44577",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44577"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44577",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44577"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh"
}
],
"release_date": "2026-05-13T17:00:02.786000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Next.js: Next.js: Denial of Service via Image Optimization API"
},
{
"cve": "CVE-2026-44578",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-05-13T18:01:13.729805+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477187"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. Self-hosted applications utilizing the built-in Node.js server are vulnerable to Server-Side Request Forgery (SSRF) through specially crafted WebSocket upgrade requests. A remote attacker can exploit this by causing the server to proxy requests to arbitrary internal or external destinations. This could lead to the exposure of internal services or sensitive cloud metadata endpoints.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Next.js: Next.js: Server-Side Request Forgery via crafted WebSocket upgrade requests",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important severity flaw in Next.js affects self-hosted applications, including Red Hat AMQ, when using the built-in Node.js server. A remote attacker can exploit specially crafted WebSocket upgrade requests to perform Server-Side Request Forgery, potentially exposing internal network services or sensitive cloud metadata endpoints. This risk is specific to deployments where the origin server is directly exposed to untrusted networks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44578"
},
{
"category": "external",
"summary": "RHBZ#2477187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44578",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44578"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44578",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44578"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r"
}
],
"release_date": "2026-05-13T17:01:38.942000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Next.js: Next.js: Server-Side Request Forgery via crafted WebSocket upgrade requests"
},
{
"cve": "CVE-2026-44579",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"discovery_date": "2026-05-13T18:01:32.406247+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477193"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A remote attacker can send crafted POST requests to a server action, triggering a request-body handling deadlock. This leaves connections open, consuming server resources and ultimately leading to a Denial of Service (DoS) for legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Denial of Service via crafted POST requests to server actions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as Important as Next.js applications configured with Partial Prerendering and Cache Components are susceptible to a remote denial of service. An unauthenticated attacker can exhaust server connections by sending specially crafted POST requests, leading to a complete disruption of service for legitimate users. This impact is significant due to the potential for widespread unavailability of affected web applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44579"
},
{
"category": "external",
"summary": "RHBZ#2477193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44579",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44579"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx"
}
],
"release_date": "2026-05-13T17:04:28.388000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Denial of Service via crafted POST requests to server actions"
},
{
"cve": "CVE-2026-45109",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2026-05-13T18:01:23.402405+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477190"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. A remote unauthenticated attacker could exploit a bypass in a security fix when using middleware.ts with Turbopack. This vulnerability could lead to the disclosure of sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Information disclosure via security fix bypass in middleware with Turbopack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important information disclosure flaw in Next.js allows a remote unauthenticated attacker to bypass a prior security fix when applications utilize `middleware.ts` with Turbopack. This bypass undermines intended access controls, potentially leading to the exposure of sensitive information in affected Red Hat AMQ and Red Hat Trusted Artifact Signer deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45109"
},
{
"category": "external",
"summary": "RHBZ#2477190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45109",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45109"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45109",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45109"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6"
}
],
"release_date": "2026-05-13T17:11:07.275000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Information disclosure via security fix bypass in middleware with Turbopack"
},
{
"cve": "CVE-2026-45736",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"discovery_date": "2026-05-15T16:00:55.786944+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477914"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ws, an open source WebSocket client and server for Node.js. The `websocket.close()` implementation is vulnerable to uninitialized memory disclosure when a `TypedArray` is passed as the reason argument. This can lead to the disclosure of sensitive information from uninitialized memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ws: ws: Uninitialized memory disclosure via `websocket.close()` with `TypedArray`",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important vulnerability in the `ws` WebSocket library for Node.js could lead to sensitive information disclosure. The flaw occurs when a `TypedArray` is specifically provided as the `reason` argument to the `websocket.close()` function, potentially exposing uninitialized memory. Red Hat products utilizing this library may be affected if their implementations allow for such a crafted `close()` call.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45736"
},
{
"category": "external",
"summary": "RHBZ#2477914",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477914"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45736",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45736"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45736",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45736"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086",
"url": "https://github.com/websockets/ws/commit/c0327ec15a54d701eb6ccefaa8bef328cfc03086"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-58qx-3vcg-4xpx",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-58qx-3vcg-4xpx"
}
],
"release_date": "2026-05-15T14:53:57.263000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ws: ws: Uninitialized memory disclosure via `websocket.close()` with `TypedArray`"
},
{
"cve": "CVE-2026-48779",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-06-16T22:01:24.571224+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2489661"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ws, an open source WebSocket client and server. A remote attacker can exploit this memory exhaustion vulnerability by sending a high volume of exceptionally small fragments and data chunks. This action forces the affected component to allocate and hold structural wrappers that consume excessive memory. Consequently, this leads to process termination and a denial of service (DoS) for the remote peer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in the `ws` WebSocket library. A remote attacker can exploit this flaw by sending a high volume of small, fragmented data, leading to excessive memory consumption and subsequent process termination. This can result in service disruption for Red Hat products that utilize `ws` for WebSocket communication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"known_not_affected": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48779"
},
{
"category": "external",
"summary": "RHBZ#2489661",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2489661"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48779"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48779",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48779"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/86d3e8a5fb0246ed373860c5fbb0de88824a27f7",
"url": "https://github.com/websockets/ws/commit/86d3e8a5fb0246ed373860c5fbb0de88824a27f7"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/b5372ac67bb97a773727b8e9f5035a8123556d53",
"url": "https://github.com/websockets/ws/commit/b5372ac67bb97a773727b8e9f5035a8123556d53"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94",
"url": "https://github.com/websockets/ws/commit/bca91adf15677e47dbe4f959653452727be28b94"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/commit/fd36cd864fcdf62a08273a99e19a7d975401fee8",
"url": "https://github.com/websockets/ws/commit/fd36cd864fcdf62a08273a99e19a7d975401fee8"
},
{
"category": "external",
"summary": "https://github.com/websockets/ws/security/advisories/GHSA-96hv-2xvq-fx4p",
"url": "https://github.com/websockets/ws/security/advisories/GHSA-96hv-2xvq-fx4p"
}
],
"release_date": "2026-06-16T21:26:22.537000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-09T11:43:10+00:00",
"details": "Red Hat Trusted Artifact Signer simplifies cryptographic signing and verifying of software artifacts such as container images, binaries and source code changes. It is a self-managed on-premise deployment of the Sigstore project available at https://sigstore.dev\n\nPlatform Engineers, Software Developers and Security Professionals may use RHTAS to ensure the integrity, transparency and assurance of their organization\u0027s software supply chain.\n\nFor details on using the operator, refer to the product documentation at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4\n\nYou can find the release notes for this version of Red Hat Trusted Artifact Signer at https://access.redhat.com/documentation/en-us/red_hat_trusted_artifact_signer/1.4/html-single/release_notes/index",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:37272"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/certificate-transparency-rhel9@sha256:428e9da9c20b26a5ba88ec84f1be212ce0474f81c2fd56ac062e3948eb23070d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/fulcio-rhel9@sha256:9ba4d183d46315edb1a059e55267f30ab66069324cfc3a1a205fdabe45641e71_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-backfill-redis-rhel9@sha256:c34be5197926b29fc858ca4295773feb24d7a812691d4c88a70f3be3bbe49ff9_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-search-ui-rhel9@sha256:c0dfe2abf8d55740eefbaa647de617d1f796390111fae05919bf77897763977b_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/rekor-server-rhel9@sha256:938ca7e6d7fa3862825a86f142be9c6a7b5da1f7dfc6393bff5f77e24613bf67_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/timestamp-authority-rhel9@sha256:5c3552503bc698f229f835e3686462b75a3af15575edfa1081880fc945f2d8cf_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-database-rhel9@sha256:b5736b9f843573e1820b25da162b537b5f324d437c78a79c54f5258fa2204521_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logserver-rhel9@sha256:6cac09fcce3938f4e08e0dc5960ca5159bd4c36d238e1e49037c977c62dde85d_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-logsigner-rhel9@sha256:613398e5394371bac97d05c04d97b163c5048a8095ff8ff8bc510a24e46092d6_amd64",
"Red Hat Trusted Artifact Signer 1.4:registry.redhat.io/rhtas/trillian-redis-rhel9@sha256:fd4c05777a37475158316b694d4319c0a8ea0e39838306ee73523ec37fd3f3fa_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.