Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-39852 (GCVE-0-2026-39852)
Vulnerability from cvelistv5 – Published: 2026-05-05 20:58 – Updated: 2026-07-03 12:04| URL | Tags |
|---|---|
| https://github.com/quarkusio/quarkus/security/adv… | x_refsource_CONFIRM |
| https://access.redhat.com/security/cve/CVE-2026-39852 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:17789 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:25089 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:13631 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:11720 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:11721 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34608 | vendor-advisoryx_refsource_REDHAT |
| Vendor | Product | Version | |
|---|---|---|---|
| quarkusio | quarkus |
Affected:
< 3.20.6.1
Affected: >= 3.27.3.0, < 3.27.3.1 Affected: >= 3.34.0, < 3.34.7 Affected: >= 3.35.0, < 3.35.2 |
|
| Red Hat | Cryostat 4 on RHEL 9 |
cpe:/a:redhat:cryostat:4::el9 |
|
| Red Hat | HawtIO HawtIO 4.4.0 |
cpe:/a:redhat:apache_camel_hawtio:4.4::el9 |
|
| Red Hat | Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 |
cpe:/a:redhat:apache_camel_quarkus:3.27 |
|
| Red Hat | Red Hat build of Quarkus 3.20.6.SP1 |
cpe:/a:redhat:quarkus:3.20::el8 |
|
| Red Hat | Red Hat build of Quarkus 3.27.3.SP1 |
cpe:/a:redhat:quarkus:3.27::el8 |
|
| Red Hat | Streams for Apache Kafka 2.9.4 |
cpe:/a:redhat:amq_streams:2.9::el9 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | Red Hat build of Apache Camel 4 for Quarkus 3 |
cpe:/a:redhat:camel_quarkus:3 |
|
| Red Hat | Red Hat build of Apicurio Registry 2 |
cpe:/a:redhat:service_registry:2 |
|
| Red Hat | Red Hat build of Apicurio Registry 3 |
cpe:/a:redhat:apicurio_registry:3 |
|
| Red Hat | Red Hat build of Debezium 3 |
cpe:/a:redhat:debezium:3 |
|
| Red Hat | Red Hat build of OptaPlanner 8 |
cpe:/a:redhat:optaplanner:::el6 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat Process Automation 7 |
cpe:/a:redhat:jboss_enterprise_bpms_platform:7 |
|
| Red Hat | streams for Apache Kafka 3 |
cpe:/a:redhat:amq_streams:3 |
|
| Red Hat | Red Hat Build of Keycloak |
cpe:/a:redhat:build_keycloak: |
|
| Red Hat | Red Hat Fuse 7 |
cpe:/a:redhat:jboss_fuse:7 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack |
cpe:/a:redhat:jbosseapxp |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39852",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T12:53:24.440906Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-06T12:53:32.373Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
],
"defaultStatus": "affected",
"product": "HawtIO HawtIO 4.4.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_quarkus:3.27"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.20::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.20.6.SP1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.27::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.27.3.SP1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:2.9::el9"
],
"defaultStatus": "affected",
"product": "Streams for Apache Kafka 2.9.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:camel_quarkus:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel 4 for Quarkus 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apicurio_registry:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apicurio Registry 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:debezium:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Debezium 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:optaplanner:::el6"
],
"defaultStatus": "affected",
"product": "Red Hat build of OptaPlanner 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "affected",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "affected",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:build_keycloak:"
],
"defaultStatus": "unaffected",
"product": "Red Hat Build of Keycloak",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "unaffected",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus\u0027s security layer performs authorization checks on the raw URL path, which preserves these matrix parameters."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-551",
"description": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-03T12:04:49.592Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-39852"
},
{
"name": "RHBZ#2457819",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39852.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13631"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11720"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11721"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:17789: Cryostat 4 on RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
},
{
"lang": "en",
"value": "RHSA-2026:13631: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
},
{
"lang": "en",
"value": "RHSA-2026:11720: Red Hat build of Quarkus 3.20.6.SP1"
},
{
"lang": "en",
"value": "RHSA-2026:11721: Red Hat build of Quarkus 3.27.3.SP1"
},
{
"lang": "en",
"value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-04-13T13:26:46.572Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-04T00:00:00.000Z",
"value": "Made public."
}
],
"title": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests",
"workarounds": [
{
"lang": "en",
"value": "To mitigate this issue, configure a reverse proxy or load balancer in front of the Quarkus application to normalize incoming URL paths by stripping matrix parameters (semicolons) before requests reach the Quarkus security layer. This ensures that authorization checks are performed on the intended path. Ensure that any changes to proxy configurations are thoroughly tested and services are reloaded or restarted as necessary to apply the new settings."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "quarkus",
"vendor": "quarkusio",
"versions": [
{
"status": "affected",
"version": "\u003c 3.20.6.1"
},
{
"status": "affected",
"version": "\u003e= 3.27.3.0, \u003c 3.27.3.1"
},
{
"status": "affected",
"version": "\u003e= 3.34.0, \u003c 3.34.7"
},
{
"status": "affected",
"version": "\u003e= 3.35.0, \u003c 3.35.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Quarkus is a Java framework for building cloud-native applications. In versions prior to 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2, a path normalization inconsistency between the security layer and the routing layer allows unauthenticated or lower-privileged users to bypass HTTP path-based authorization policies. Quarkus\u0027s security layer performs authorization checks on the raw URL path which preserves matrix parameters (semicolons), while RESTEasy Reactive\u0027s routing layer strips matrix parameters before matching endpoints. An attacker can append a semicolon and arbitrary text to a request URL (e.g., /api/admin;anything) to bypass policies protecting /api/admin while still routing to the protected endpoint. This issue has been fixed in versions 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-05T20:58:29.575Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9"
}
],
"source": {
"advisory": "GHSA-rc95-pcm8-65v9",
"discovery": "UNKNOWN"
},
"title": "Quarkus authorization bypass via semicolon path normalization inconsistency"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-39852",
"datePublished": "2026-05-05T20:58:29.575Z",
"dateReserved": "2026-04-07T19:13:20.378Z",
"dateUpdated": "2026-07-03T12:04:49.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-39852",
"date": "2026-07-05",
"epss": "0.00444",
"percentile": "0.35634"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-39852\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-05-05T21:16:22.823\",\"lastModified\":\"2026-07-03T13:17:09.577\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Quarkus is a Java framework for building cloud-native applications. In versions prior to 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2, a path normalization inconsistency between the security layer and the routing layer allows unauthenticated or lower-privileged users to bypass HTTP path-based authorization policies. Quarkus\u0027s security layer performs authorization checks on the raw URL path which preserves matrix parameters (semicolons), while RESTEasy Reactive\u0027s routing layer strips matrix parameters before matching endpoints. An attacker can append a semicolon and arbitrary text to a request URL (e.g., /api/admin;anything) to bypass policies protecting /api/admin while still routing to the protected endpoint. This issue has been fixed in versions 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"quarkusio\",\"product\":\"quarkus\",\"versions\":[{\"version\":\"\u003c 3.20.6.1\",\"status\":\"affected\"},{\"version\":\"\u003e= 3.27.3.0, \u003c 3.27.3.1\",\"status\":\"affected\"},{\"version\":\"\u003e= 3.34.0, \u003c 3.34.7\",\"status\":\"affected\"},{\"version\":\"\u003e= 3.35.0, \u003c 3.35.2\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4 on RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"HawtIO HawtIO 4.4.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_hawtio:4.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_quarkus:3.27\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Quarkus 3.20.6.SP1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quarkus:3.20::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Quarkus 3.27.3.SP1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quarkus:3.27::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Streams for Apache Kafka 2.9.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:2.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel 4 for Quarkus 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:camel_quarkus:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apicurio Registry 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_registry:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apicurio Registry 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apicurio_registry:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Debezium 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:debezium:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of OptaPlanner 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:optaplanner:::el6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Process Automation 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_bpms_platform:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"streams for Apache Kafka 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Keycloak\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:build_keycloak:\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Fuse 7\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:jboss_fuse:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform Expansion Pack\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:jbosseapxp\"]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-06T12:53:24.440906Z\",\"id\":\"CVE-2026-39852\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-551\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.20.6.1\",\"matchCriteriaId\":\"E5AE56EF-94DF-4552-B4E4-B72B532DE04C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.21.0\",\"versionEndExcluding\":\"3.27.3.1\",\"matchCriteriaId\":\"DE8ACEA5-1401-493F-A1E5-0D9D87174161\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.28.0\",\"versionEndExcluding\":\"3.33.1.1\",\"matchCriteriaId\":\"E37E4AF5-6CDF-47E7-998C-C8744296A503\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.34.0\",\"versionEndExcluding\":\"3.34.7\",\"matchCriteriaId\":\"6179CFEC-6CBF-45D7-9DE5-F47CB1D36F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.35.0\",\"versionEndExcluding\":\"3.35.2\",\"matchCriteriaId\":\"4397C81B-D8AF-4DD5-86B4-70CE00462BD3\"}]}]}],\"references\":[{\"url\":\"https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11720\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11721\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13631\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17789\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25089\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34608\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-39852\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2457819\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39852.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:cryostat:4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4 on RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_hawtio:4.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"HawtIO HawtIO 4.4.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_quarkus:3.27\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quarkus:3.20::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Quarkus 3.20.6.SP1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quarkus:3.27::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Quarkus 3.27.3.SP1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:2.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Streams for Apache Kafka 2.9.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:camel_quarkus:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel 4 for Quarkus 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_registry:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apicurio Registry 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apicurio_registry:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apicurio Registry 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:debezium:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Debezium 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:optaplanner:::el6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of OptaPlanner 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_bpms_platform:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Process Automation 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:3\"], \"vendor\": \"Red Hat\", \"product\": \"streams for Apache Kafka 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:build_keycloak:\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Build of Keycloak\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_fuse:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Fuse 7\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:jbosseapxp\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform Expansion Pack\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-04-13T13:26:46.572Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-04T00:00:00.000Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:17789: Cryostat 4 on RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25089: HawtIO HawtIO 4.4.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13631: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11720: Red Hat build of Quarkus 3.20.6.SP1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11721: Red Hat build of Quarkus 3.27.3.SP1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:34608: Streams for Apache Kafka 2.9.4\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-05-04T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-39852\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2457819\", \"name\": \"RHBZ#2457819\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39852.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17789\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25089\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13631\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11720\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11721\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34608\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"To mitigate this issue, configure a reverse proxy or load balancer in front of the Quarkus application to normalize incoming URL paths by stripping matrix parameters (semicolons) before requests reach the Quarkus security layer. This ensures that authorization checks are performed on the intended path. Ensure that any changes to proxy configurations are thoroughly tested and services are reloaded or restarted as necessary to apply the new settings.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus\u0027s security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-551\", \"description\": \"Incorrect Behavior Order: Authorization Before Parsing and Canonicalization\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-03T12:04:49.592Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-39852\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-06T12:53:24.440906Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-06T12:53:28.249Z\"}}], \"cna\": {\"title\": \"Quarkus authorization bypass via semicolon path normalization inconsistency\", \"source\": {\"advisory\": \"GHSA-rc95-pcm8-65v9\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"quarkusio\", \"product\": \"quarkus\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.20.6.1\"}, {\"status\": \"affected\", \"version\": \"\u003e= 3.27.3.0, \u003c 3.27.3.1\"}, {\"status\": \"affected\", \"version\": \"\u003e= 3.34.0, \u003c 3.34.7\"}, {\"status\": \"affected\", \"version\": \"\u003e= 3.35.0, \u003c 3.35.2\"}]}], \"references\": [{\"url\": \"https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9\", \"name\": \"https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Quarkus is a Java framework for building cloud-native applications. In versions prior to 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2, a path normalization inconsistency between the security layer and the routing layer allows unauthenticated or lower-privileged users to bypass HTTP path-based authorization policies. Quarkus\u0027s security layer performs authorization checks on the raw URL path which preserves matrix parameters (semicolons), while RESTEasy Reactive\u0027s routing layer strips matrix parameters before matching endpoints. An attacker can append a semicolon and arbitrary text to a request URL (e.g., /api/admin;anything) to bypass policies protecting /api/admin while still routing to the protected endpoint. This issue has been fixed in versions 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"CWE-863: Incorrect Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-05-05T20:58:29.575Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-39852\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-03T12:04:49.592Z\", \"dateReserved\": \"2026-04-07T19:13:20.378Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-05-05T20:58:29.575Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
cleanstart-2026-vj37814
Vulnerability from cleanstart
Multiple security vulnerabilities affect the keycloak package. These issues are resolved in later releases. See references for individual vulnerability details.
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "keycloak"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "26.4.11-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the keycloak package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VJ37814",
"modified": "2026-05-07T10:32:20Z",
"published": "2026-05-18T13:37:33.552809Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VJ37814.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-59250"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1002"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33870"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39852"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-41417"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42198"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42577"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42578"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42579"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42580"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42581"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42583"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42584"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42585"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-42587"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-5598"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-38f8-5428-x5cv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3p8m-j85q-pgmj"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-45p5-v273-3qqr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-45q3-82m4-75jr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4cx2-fc23-5wg6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-57rv-r2g8-2cj3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9342-92gg-6v29"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-98qh-xjc8-98pq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c3fc-8qff-9hwx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cm33-6792-r9fm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cphf-4846-3xx9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fghv-69vj-qj49"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-h5fg-jpgr-rv9c"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hq9p-pm7w-8p54"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j288-q9x7-2f5v"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m4cv-j2px-7723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mj4r-2hfc-f8p6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p93r-85wp-75v3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pwqr-wmgm-9rr8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-rc95-pcm8-65v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-rwm7-x88c-3g2p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v8h7-rr48-vmmv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w9fj-cfpg-grvv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wg6q-6289-32hp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xxqh-mfjm-7mv9"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59250"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41417"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42198"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42577"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42578"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42579"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42580"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42581"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42584"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42585"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5598"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-59250, CVE-2026-1002, CVE-2026-33870, CVE-2026-33871, CVE-2026-39852, CVE-2026-41417, CVE-2026-42198, CVE-2026-42577, CVE-2026-42578, CVE-2026-42579, CVE-2026-42580, CVE-2026-42581, CVE-2026-42583, CVE-2026-42584, CVE-2026-42585, CVE-2026-42587, CVE-2026-5588, CVE-2026-5598, ghsa-38f8-5428-x5cv, ghsa-3p8m-j85q-pgmj, ghsa-45p5-v273-3qqr, ghsa-45q3-82m4-75jr, ghsa-4cx2-fc23-5wg6, ghsa-57rv-r2g8-2cj3, ghsa-9342-92gg-6v29, ghsa-98qh-xjc8-98pq, ghsa-c3fc-8qff-9hwx, ghsa-cm33-6792-r9fm, ghsa-cphf-4846-3xx9, ghsa-fghv-69vj-qj49, ghsa-h5fg-jpgr-rv9c, ghsa-hq9p-pm7w-8p54, ghsa-j288-q9x7-2f5v, ghsa-m4cv-j2px-7723, ghsa-mj4r-2hfc-f8p6, ghsa-p93r-85wp-75v3, ghsa-pwqr-wmgm-9rr8, ghsa-rc95-pcm8-65v9, ghsa-rwm7-x88c-3g2p, ghsa-v8h7-rr48-vmmv, ghsa-w9fj-cfpg-grvv, ghsa-wg6q-6289-32hp, ghsa-xxqh-mfjm-7mv9 applied in versions: 26.1.4-r1, 26.4.11-r0, 26.4.11-r2",
"upstream": [
"CVE-2025-59250",
"CVE-2026-1002",
"CVE-2026-33870",
"CVE-2026-33871",
"CVE-2026-39852",
"CVE-2026-41417",
"CVE-2026-42198",
"CVE-2026-42577",
"CVE-2026-42578",
"CVE-2026-42579",
"CVE-2026-42580",
"CVE-2026-42581",
"CVE-2026-42583",
"CVE-2026-42584",
"CVE-2026-42585",
"CVE-2026-42587",
"CVE-2026-5588",
"CVE-2026-5598",
"ghsa-38f8-5428-x5cv",
"ghsa-3p8m-j85q-pgmj",
"ghsa-45p5-v273-3qqr",
"ghsa-45q3-82m4-75jr",
"ghsa-4cx2-fc23-5wg6",
"ghsa-57rv-r2g8-2cj3",
"ghsa-9342-92gg-6v29",
"ghsa-98qh-xjc8-98pq",
"ghsa-c3fc-8qff-9hwx",
"ghsa-cm33-6792-r9fm",
"ghsa-cphf-4846-3xx9",
"ghsa-fghv-69vj-qj49",
"ghsa-h5fg-jpgr-rv9c",
"ghsa-hq9p-pm7w-8p54",
"ghsa-j288-q9x7-2f5v",
"ghsa-m4cv-j2px-7723",
"ghsa-mj4r-2hfc-f8p6",
"ghsa-p93r-85wp-75v3",
"ghsa-pwqr-wmgm-9rr8",
"ghsa-rc95-pcm8-65v9",
"ghsa-rwm7-x88c-3g2p",
"ghsa-v8h7-rr48-vmmv",
"ghsa-w9fj-cfpg-grvv",
"ghsa-wg6q-6289-32hp",
"ghsa-xxqh-mfjm-7mv9"
]
}
FKIE_CVE-2026-39852
Vulnerability from fkie_nvd - Published: 2026-05-05 21:16 - Updated: 2026-07-03 13:178.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9 | Vendor Advisory | |
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | https://access.redhat.com/errata/RHSA-2026:11720 | ||
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | https://access.redhat.com/errata/RHSA-2026:11721 | ||
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | https://access.redhat.com/errata/RHSA-2026:13631 | ||
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | https://access.redhat.com/errata/RHSA-2026:17789 | ||
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | https://access.redhat.com/errata/RHSA-2026:25089 | ||
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | https://access.redhat.com/errata/RHSA-2026:34608 | ||
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | https://access.redhat.com/security/cve/CVE-2026-39852 | ||
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | ||
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39852.json |
{
"affected": [
{
"affectedData": [
{
"product": "quarkus",
"vendor": "quarkusio",
"versions": [
{
"status": "affected",
"version": "\u003c 3.20.6.1"
},
{
"status": "affected",
"version": "\u003e= 3.27.3.0, \u003c 3.27.3.1"
},
{
"status": "affected",
"version": "\u003e= 3.34.0, \u003c 3.34.7"
},
{
"status": "affected",
"version": "\u003e= 3.35.0, \u003c 3.35.2"
}
]
}
],
"source": "security-advisories@github.com"
},
{
"affectedData": [
{
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
],
"defaultStatus": "affected",
"product": "HawtIO HawtIO 4.4.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_quarkus:3.27"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.20::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.20.6.SP1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.27::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.27.3.SP1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:2.9::el9"
],
"defaultStatus": "affected",
"product": "Streams for Apache Kafka 2.9.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:camel_quarkus:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel 4 for Quarkus 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apicurio_registry:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apicurio Registry 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:debezium:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Debezium 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:optaplanner:::el6"
],
"defaultStatus": "affected",
"product": "Red Hat build of OptaPlanner 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "affected",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "affected",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:build_keycloak:"
],
"defaultStatus": "unaffected",
"product": "Red Hat Build of Keycloak",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "unaffected",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
}
],
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE56EF-94DF-4552-B4E4-B72B532DE04C",
"versionEndExcluding": "3.20.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE8ACEA5-1401-493F-A1E5-0D9D87174161",
"versionEndExcluding": "3.27.3.1",
"versionStartIncluding": "3.21.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E37E4AF5-6CDF-47E7-998C-C8744296A503",
"versionEndExcluding": "3.33.1.1",
"versionStartIncluding": "3.28.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6179CFEC-6CBF-45D7-9DE5-F47CB1D36F99",
"versionEndExcluding": "3.34.7",
"versionStartIncluding": "3.34.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4397C81B-D8AF-4DD5-86B4-70CE00462BD3",
"versionEndExcluding": "3.35.2",
"versionStartIncluding": "3.35.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Quarkus is a Java framework for building cloud-native applications. In versions prior to 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2, a path normalization inconsistency between the security layer and the routing layer allows unauthenticated or lower-privileged users to bypass HTTP path-based authorization policies. Quarkus\u0027s security layer performs authorization checks on the raw URL path which preserves matrix parameters (semicolons), while RESTEasy Reactive\u0027s routing layer strips matrix parameters before matching endpoints. An attacker can append a semicolon and arbitrary text to a request URL (e.g., /api/admin;anything) to bypass policies protecting /api/admin while still routing to the protected endpoint. This issue has been fixed in versions 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2."
}
],
"id": "CVE-2026-39852",
"lastModified": "2026-07-03T13:17:09.577",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2,
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-39852",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T12:53:24.440906Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-05-05T21:16:22.823",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:11720"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:11721"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:13631"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/security/cve/CVE-2026-39852"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-39852.json"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-551"
}
],
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"type": "Secondary"
}
]
}
GHSA-RC95-PCM8-65V9
Vulnerability from github – Published: 2026-05-04 17:20 – Updated: 2026-05-08 15:31Quarkus version 3.32.4 is vulnerable to an authorization bypass issue (GHSL-2026-099), in which semicolons (matrix parameters) in HTTP requests can be used to bypass security constraints, potentially allowing unauthorized access to protected resources.
Unauthenticated or lower-privileged users can bypass HTTP path-based authorization policies by appending a semicolon (;) and arbitrary text to the request URL. The vulnerability arises from a path-normalization inconsistency: Quarkus's security layer performs authorization checks on the raw URL path (which preserves matrix parameters), whereas RESTEasy Reactive's routing layer strips matrix parameters before matching endpoints. This allows requests like /api/admin;anything to bypass policies protecting /api/admin while still routing to the protected endpoint.
Impact
This issue may lead to Authentication/Authorization bypasses.
Credits
This issue was discovered with the GitHub Security Lab Taskflow Agent and manually verified by GHSL team members @p- (Peter Stöckli) and @m-y-mo (Man Yue Mo).
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "io.quarkus:quarkus-vertx-http"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.20.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "io.quarkus:quarkus-vertx-http"
},
"ranges": [
{
"events": [
{
"introduced": "3.21.0"
},
{
"fixed": "3.27.3.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "io.quarkus:quarkus-vertx-http"
},
"ranges": [
{
"events": [
{
"introduced": "3.30.0"
},
{
"fixed": "3.33.1.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "io.quarkus:quarkus-vertx-http"
},
"ranges": [
{
"events": [
{
"introduced": "3.34.0"
},
{
"fixed": "3.35.1.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-39852"
],
"database_specific": {
"cwe_ids": [
"CWE-287",
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-04T17:20:20Z",
"nvd_published_at": "2026-05-05T21:16:22Z",
"severity": "HIGH"
},
"details": "Quarkus version 3.32.4 is vulnerable to an authorization bypass issue (GHSL-2026-099), in which semicolons (matrix parameters) in HTTP requests can be used to bypass security constraints, potentially allowing unauthorized access to protected resources.\n\nUnauthenticated or lower-privileged users can bypass HTTP path-based authorization policies by appending a semicolon (`;`) and arbitrary text to the request URL. The vulnerability arises from a path-normalization inconsistency: Quarkus\u0027s [security layer](https://quarkus.io/guides/security-authorize-web-endpoints-reference) performs authorization checks on the raw URL path (which preserves matrix parameters), whereas RESTEasy Reactive\u0027s routing layer strips matrix parameters before matching endpoints. This allows requests like `/api/admin;anything` to bypass policies protecting `/api/admin` while still routing to the protected endpoint.\n\n\n### Impact\n\nThis issue may lead to Authentication/Authorization bypasses.\n\n### Credits\n\nThis issue was discovered with the [GitHub Security Lab Taskflow Agent](https://github.com/GitHubSecurityLab/seclab-taskflow-agent) and manually verified by GHSL team members [@p- (Peter St\u00f6ckli)](https://github.com/p-) and [@m-y-mo (Man Yue Mo)](https://github.com/m-y-mo).",
"id": "GHSA-rc95-pcm8-65v9",
"modified": "2026-05-08T15:31:20Z",
"published": "2026-05-04T17:20:20Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852"
},
{
"type": "PACKAGE",
"url": "https://github.com/quarkusio/quarkus"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Quarkus has Authentication/Authorization bypasses"
}
RHSA-2026:11720
Vulnerability from csaf_redhat - Published: 2026-05-05 03:47 - Updated: 2026-07-03 12:02A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `GOSTCTR` implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the `G3413CTRBlockCipher`, potentially leading to the recovery and access of encrypted data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.20.6.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.20::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `LDAPStoreHelper` implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying crafted input, potentially leading to disclosure of sensitive information or the manipulation of directory search queries.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.20.6.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.20::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix. The PKIX draft `CompositeVerifier` implementation improperly accepts an empty signature sequence as a valid cryptographic signature. This issue allows a remote attacker to bypass signature verification mechanisms, potentially compromising the authenticity and integrity of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.20.6.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.20::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus's security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.20.6.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.20::el8
|
— |
Vendor Fix
fix
Workaround
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:11720 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/products/quarkus/ | external |
| https://access.redhat.com/jbossnetwork/restricted… | external |
| https://docs.redhat.com/en/documentation/red_hat_… | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2025-14813 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458640 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-14813 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-14813 | external |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | external |
| https://access.redhat.com/security/cve/CVE-2026-0636 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458641 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-0636 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-0636 | external |
| https://github.com/bcgit/bc-java/commit/d20cdb843… | external |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | external |
| https://access.redhat.com/security/cve/CVE-2026-5588 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458634 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-5588 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-5588 | external |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | external |
| https://access.redhat.com/security/cve/CVE-2026-39852 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-39852 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-39852 | external |
| https://github.com/quarkusio/quarkus/security/adv… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 3.20.6.SP1 includes the following CVE fixes:\n\n* quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests [quarkus-3.20] (CVE-2026-39852)\n* bcprov-jdk18on: GOSTCTR implementation unable to process more than 255 blocks correctly [quarkus-3.20] (CVE-2025-14813)\n* bcpkix-jdk18on: PKIX draft CompositeVerifier accepts empty signature sequence as valid [quarkus-3.20] (CVE-2026-5588)\n* bcprov-jdk18on: LDAP injection vulnerability in LDAPStoreHelper.java [quarkus-3.20] (CVE-2026-0636)\n\nFor more information, see the release notes page listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11720",
"url": "https://access.redhat.com/errata/RHSA-2026:11720"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/products/quarkus/",
"url": "https://access.redhat.com/products/quarkus/"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.20.6.SP1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.20.6.SP1"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.20",
"url": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.20"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11720.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 3.20.6.SP1 security update",
"tracking": {
"current_release_date": "2026-07-03T12:02:32+00:00",
"generator": {
"date": "2026-07-03T12:02:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:11720",
"initial_release_date": "2026-05-05T03:47:27+00:00",
"revision_history": [
{
"date": "2026-05-05T03:47:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-05T03:47:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T12:02:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus 3.20.6.SP1",
"product": {
"name": "Red Hat build of Quarkus 3.20.6.SP1",
"product_id": "Red Hat build of Quarkus 3.20.6.SP1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:3.20::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14813",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2026-04-15T10:01:27.769752+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458640"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `GOSTCTR` implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the `G3413CTRBlockCipher`, potentially leading to the recovery and access of encrypted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to capture ciphertext encrypted by the `GOSTCTR` implementation where the `G3413CTRBlockCipher` processed more than 255 blocks of data, resulting in keystream reuse. An attack typically requires capturing these overlapping ciphertexts to perform cryptanalysis and uncover the underlying data.\nThe primary impact of this vulnerability is the potential loss of confidentiality for data encrypted by the `GOSTCTR` implementation. This can compromise encrypted communications or sensitive stored data by allowing an attacker to fully recover the plaintext.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14813"
},
{
"category": "external",
"summary": "RHBZ#2458640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458640"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14813"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9014813",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9014813"
}
],
"release_date": "2026-04-15T08:56:34.057000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T03:47:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.20.6.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11720"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, strictly limit the payload encrypted under a single key and Initialization Vector (IV) pair using the GOSTCTR implementation and G3413CTRBlockCipher to a maximum of 255 blocks. Alternatively, transition to a more secure, standardized and authenticated encryption mode.",
"product_ids": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly"
},
{
"cve": "CVE-2026-0636",
"cwe": {
"id": "CWE-90",
"name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
},
"discovery_date": "2026-04-15T10:01:32.911938+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `LDAPStoreHelper` implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying crafted input, potentially leading to disclosure of sensitive information or the manipulation of directory search queries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to submit crafted input to an application using the `LDAPStoreHelper` implementation for directory queries. An attack typically requires the application to pass the malicious input directly into a search filter, allowing the attacker to modify the resulting LDAP query.\nThe primary impact of this vulnerability is the loss of confidentiality and integrity for directory data. This can allow an attacker to bypass search restrictions and manipulate directory results, potentially leading to unauthorized access or privilege escalation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0636"
},
{
"category": "external",
"summary": "RHBZ#2458641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0636",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0636"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0636",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0636"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde",
"url": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636"
}
],
"release_date": "2026-04-15T08:59:12.677000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T03:47:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.20.6.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11720"
},
{
"category": "workaround",
"details": "To mitigate this flaw, sanitize all user-supplied input to remove or escape LDAP special characters before passing it to the LDAPStoreHelper for directory queries. If the input contains unexpected metacharacters such as asterisks, parentheses or backslashes, reject the request or escape the characters.",
"product_ids": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java"
},
{
"cve": "CVE-2026-5588",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-04-15T10:00:59.672015+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix. The PKIX draft `CompositeVerifier` implementation improperly accepts an empty signature sequence as a valid cryptographic signature. This issue allows a remote attacker to bypass signature verification mechanisms, potentially compromising the authenticity and integrity of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to submit a crafted payload or token containing an empty signature sequence to an application using the `CompositeVerifier` for cryptographic validation. An attack typically requires the application to process this malformed data and improperly accept the empty sequence as a valid signature, bypassing standard verification checks.\nThe primary impact of this vulnerability is the compromise of data authenticity and integrity, allowing an attacker to forge digital signatures and impersonate trusted entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-5588"
},
{
"category": "external",
"summary": "RHBZ#2458634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-5588",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905588",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905588"
}
],
"release_date": "2026-04-15T09:06:15.617000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T03:47:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.20.6.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11720"
},
{
"category": "workaround",
"details": "To mitigate this flaw, check that the signature sequence is not empty before passing any data to the CompositeVerifier for cryptographic validation. If the sequence is empty or null, explicitly reject the payload before it is processed.",
"product_ids": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid"
},
{
"cve": "CVE-2026-39852",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-04-13T13:26:46.572000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457819"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus\u0027s security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39852"
},
{
"category": "external",
"summary": "RHBZ#2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9"
}
],
"release_date": "2026-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T03:47:27+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.20.6.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11720"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure a reverse proxy or load balancer in front of the Quarkus application to normalize incoming URL paths by stripping matrix parameters (semicolons) before requests reach the Quarkus security layer. This ensures that authorization checks are performed on the intended path. Ensure that any changes to proxy configurations are thoroughly tested and services are reloaded or restarted as necessary to apply the new settings.",
"product_ids": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.20.6.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests"
}
]
}
RHSA-2026:11721
Vulnerability from csaf_redhat - Published: 2026-05-05 03:47 - Updated: 2026-07-03 12:02A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `GOSTCTR` implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the `G3413CTRBlockCipher`, potentially leading to the recovery and access of encrypted data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.3.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `LDAPStoreHelper` implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying crafted input, potentially leading to disclosure of sensitive information or the manipulation of directory search queries.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.3.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix. The PKIX draft `CompositeVerifier` implementation improperly accepts an empty signature sequence as a valid cryptographic signature. This issue allows a remote attacker to bypass signature verification mechanisms, potentially compromising the authenticity and integrity of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.3.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in the Apache Kafka Java producer client. A race condition in the client's buffer pool management can cause messages to be silently delivered to incorrect topics. This occurs when a message batch expires while its network request is still active, leading to premature buffer deallocation and potential reuse by other messages. Consequently, sensitive data may be exposed to unauthorized consumers, and data integrity can be compromised through deserialization failures and processing errors.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.3.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus's security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.3.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:11721 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/products/quarkus/ | external |
| https://access.redhat.com/jbossnetwork/restricted… | external |
| https://docs.redhat.com/en/documentation/red_hat_… | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2025-14813 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458640 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-14813 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-14813 | external |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | external |
| https://access.redhat.com/security/cve/CVE-2026-0636 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458641 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-0636 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-0636 | external |
| https://github.com/bcgit/bc-java/commit/d20cdb843… | external |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | external |
| https://access.redhat.com/security/cve/CVE-2026-5588 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458634 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-5588 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-5588 | external |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | external |
| https://access.redhat.com/security/cve/CVE-2026-35554 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455916 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-35554 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-35554 | external |
| https://issues.apache.org/jira/browse/KAFKA-19012 | external |
| https://lists.apache.org/thread/f07x7j8ovyqhjd1to… | external |
| https://access.redhat.com/security/cve/CVE-2026-39852 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-39852 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-39852 | external |
| https://github.com/quarkusio/quarkus/security/adv… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 3.27.3.SP1 includes the following CVE fixes:\n\n* quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests [quarkus-3.27] (CVE-2026-39852)\n* bcprov-jdk18on: LDAP injection vulnerability in LDAPStoreHelper.java [quarkus-3.27] (CVE-2026-0636)\n* bcpkix-jdk18on: PKIX draft CompositeVerifier accepts empty signature sequence as valid [quarkus-3.27] (CVE-2026-5588)\n* bcprov-jdk18on: GOSTCTR implementation unable to process more than 255 blocks correctly [quarkus-3.27] (CVE-2025-14813)\n* kafka-clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management [quarkus-3.27] (CVE-2026-35554)\n\nFor more information, see the release notes page listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:11721",
"url": "https://access.redhat.com/errata/RHSA-2026:11721"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/products/quarkus/",
"url": "https://access.redhat.com/products/quarkus/"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.27.3.SP1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.27.3.SP1"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.27",
"url": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.27"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_11721.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 3.27.3.SP1 security update",
"tracking": {
"current_release_date": "2026-07-03T12:02:32+00:00",
"generator": {
"date": "2026-07-03T12:02:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:11721",
"initial_release_date": "2026-05-05T03:47:16+00:00",
"revision_history": [
{
"date": "2026-05-05T03:47:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-05T03:47:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T12:02:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus 3.27.3.SP1",
"product": {
"name": "Red Hat build of Quarkus 3.27.3.SP1",
"product_id": "Red Hat build of Quarkus 3.27.3.SP1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:3.27::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14813",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2026-04-15T10:01:27.769752+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458640"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `GOSTCTR` implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the `G3413CTRBlockCipher`, potentially leading to the recovery and access of encrypted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to capture ciphertext encrypted by the `GOSTCTR` implementation where the `G3413CTRBlockCipher` processed more than 255 blocks of data, resulting in keystream reuse. An attack typically requires capturing these overlapping ciphertexts to perform cryptanalysis and uncover the underlying data.\nThe primary impact of this vulnerability is the potential loss of confidentiality for data encrypted by the `GOSTCTR` implementation. This can compromise encrypted communications or sensitive stored data by allowing an attacker to fully recover the plaintext.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14813"
},
{
"category": "external",
"summary": "RHBZ#2458640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458640"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14813"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9014813",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9014813"
}
],
"release_date": "2026-04-15T08:56:34.057000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T03:47:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.3.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11721"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, strictly limit the payload encrypted under a single key and Initialization Vector (IV) pair using the GOSTCTR implementation and G3413CTRBlockCipher to a maximum of 255 blocks. Alternatively, transition to a more secure, standardized and authenticated encryption mode.",
"product_ids": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly"
},
{
"cve": "CVE-2026-0636",
"cwe": {
"id": "CWE-90",
"name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
},
"discovery_date": "2026-04-15T10:01:32.911938+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `LDAPStoreHelper` implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying crafted input, potentially leading to disclosure of sensitive information or the manipulation of directory search queries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to submit crafted input to an application using the `LDAPStoreHelper` implementation for directory queries. An attack typically requires the application to pass the malicious input directly into a search filter, allowing the attacker to modify the resulting LDAP query.\nThe primary impact of this vulnerability is the loss of confidentiality and integrity for directory data. This can allow an attacker to bypass search restrictions and manipulate directory results, potentially leading to unauthorized access or privilege escalation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0636"
},
{
"category": "external",
"summary": "RHBZ#2458641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0636",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0636"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0636",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0636"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde",
"url": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636"
}
],
"release_date": "2026-04-15T08:59:12.677000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T03:47:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.3.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11721"
},
{
"category": "workaround",
"details": "To mitigate this flaw, sanitize all user-supplied input to remove or escape LDAP special characters before passing it to the LDAPStoreHelper for directory queries. If the input contains unexpected metacharacters such as asterisks, parentheses or backslashes, reject the request or escape the characters.",
"product_ids": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java"
},
{
"cve": "CVE-2026-5588",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-04-15T10:00:59.672015+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix. The PKIX draft `CompositeVerifier` implementation improperly accepts an empty signature sequence as a valid cryptographic signature. This issue allows a remote attacker to bypass signature verification mechanisms, potentially compromising the authenticity and integrity of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to submit a crafted payload or token containing an empty signature sequence to an application using the `CompositeVerifier` for cryptographic validation. An attack typically requires the application to process this malformed data and improperly accept the empty sequence as a valid signature, bypassing standard verification checks.\nThe primary impact of this vulnerability is the compromise of data authenticity and integrity, allowing an attacker to forge digital signatures and impersonate trusted entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-5588"
},
{
"category": "external",
"summary": "RHBZ#2458634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-5588",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905588",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905588"
}
],
"release_date": "2026-04-15T09:06:15.617000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T03:47:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.3.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11721"
},
{
"category": "workaround",
"details": "To mitigate this flaw, check that the signature sequence is not empty before passing any data to the CompositeVerifier for cryptographic validation. If the sequence is empty or null, explicitly reject the payload before it is processed.",
"product_ids": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid"
},
{
"cve": "CVE-2026-35554",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-07T14:01:09.792155+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Kafka Java producer client. A race condition in the client\u0027s buffer pool management can cause messages to be silently delivered to incorrect topics. This occurs when a message batch expires while its network request is still active, leading to premature buffer deallocation and potential reuse by other messages. Consequently, sensitive data may be exposed to unauthorized consumers, and data integrity can be compromised through deserialization failures and processing errors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35554"
},
{
"category": "external",
"summary": "RHBZ#2455916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35554",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35554"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/KAFKA-19012",
"url": "https://issues.apache.org/jira/browse/KAFKA-19012"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/f07x7j8ovyqhjd1to25jsnqbm6wj01d6",
"url": "https://lists.apache.org/thread/f07x7j8ovyqhjd1to25jsnqbm6wj01d6"
}
],
"release_date": "2026-04-07T13:07:08.679000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T03:47:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.3.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11721"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management"
},
{
"cve": "CVE-2026-39852",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-04-13T13:26:46.572000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457819"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus\u0027s security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39852"
},
{
"category": "external",
"summary": "RHBZ#2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9"
}
],
"release_date": "2026-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T03:47:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.3.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:11721"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure a reverse proxy or load balancer in front of the Quarkus application to normalize incoming URL paths by stripping matrix parameters (semicolons) before requests reach the Quarkus security layer. This ensures that authorization checks are performed on the intended path. Ensure that any changes to proxy configurations are thoroughly tested and services are reloaded or restarted as necessary to apply the new settings.",
"product_ids": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.3.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests"
}
]
}
RHSA-2026:13631
Vulnerability from csaf_redhat - Published: 2026-05-05 07:56 - Updated: 2026-07-03 12:02A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `GOSTCTR` implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the `G3413CTRBlockCipher`, potentially leading to the recovery and access of encrypted data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Build of Apache Camel 4.14 for Quarkus 3.27
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_quarkus:3.27
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `LDAPStoreHelper` implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying crafted input, potentially leading to disclosure of sensitive information or the manipulation of directory search queries.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Build of Apache Camel 4.14 for Quarkus 3.27
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_quarkus:3.27
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpg. A specially crafted PGP AEAD (Authenticated Encryption with Associated Data) message with an unbounded chunk size can lead to an excessive consumption of memory. This issue allows an unauthenticated remote attacker to cause memory exhaustion in a JVM, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Build of Apache Camel 4.14 for Quarkus 3.27
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_quarkus:3.27
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix. The PKIX draft `CompositeVerifier` implementation improperly accepts an empty signature sequence as a valid cryptographic signature. This issue allows a remote attacker to bypass signature verification mechanisms, potentially compromising the authenticity and integrity of data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Build of Apache Camel 4.14 for Quarkus 3.27
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_quarkus:3.27
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in the Apache Kafka Java producer client. A race condition in the client's buffer pool management can cause messages to be silently delivered to incorrect topics. This occurs when a message batch expires while its network request is still active, leading to premature buffer deallocation and potential reuse by other messages. Consequently, sensitive data may be exposed to unauthorized consumers, and data integrity can be compromised through deserialization failures and processing errors.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Build of Apache Camel 4.14 for Quarkus 3.27
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_quarkus:3.27
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus's security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Build of Apache Camel 4.14 for Quarkus 3.27
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_quarkus:3.27
|
— |
Vendor Fix
fix
Workaround
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:13631 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://access.redhat.com/security/cve/CVE-2026-0636 | external |
| https://access.redhat.com/security/cve/CVE-2026-3505 | external |
| https://access.redhat.com/security/cve/CVE-2026-5588 | external |
| https://access.redhat.com/security/cve/CVE-2025-14813 | external |
| https://access.redhat.com/security/cve/CVE-2026-35554 | external |
| https://access.redhat.com/security/cve/CVE-2026-39852 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455916 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458634 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458638 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458640 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458641 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2025-14813 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458640 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-14813 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-14813 | external |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | external |
| https://access.redhat.com/security/cve/CVE-2026-0636 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458641 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-0636 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-0636 | external |
| https://github.com/bcgit/bc-java/commit/d20cdb843… | external |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | external |
| https://access.redhat.com/security/cve/CVE-2026-3505 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458638 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-3505 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-3505 | external |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | external |
| https://access.redhat.com/security/cve/CVE-2026-5588 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458634 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-5588 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-5588 | external |
| https://github.com/bcgit/bc-java/wiki/CVE%E2%80%9… | external |
| https://access.redhat.com/security/cve/CVE-2026-35554 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455916 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-35554 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-35554 | external |
| https://issues.apache.org/jira/browse/KAFKA-19012 | external |
| https://lists.apache.org/thread/f07x7j8ovyqhjd1to… | external |
| https://access.redhat.com/security/cve/CVE-2026-39852 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-39852 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-39852 | external |
| https://github.com/quarkusio/quarkus/security/adv… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP1).\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.\nRed Hat Product Security has rated this update as having a security impact of Important.",
"title": "Topic"
},
{
"category": "general",
"text": "An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP1).\n The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products:\n * bcprov-jdk18on: LDAP injection vulnerability in LDAPStoreHelper.java [rhboac-camel-quarkus-3] (CVE-2026-0636)\n * bcpg-jdk18on: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion [rhboac-camel-quarkus-3] (CVE-2026-3505)\n * bcpkix-jdk18on: PKIX draft CompositeVerifier accepts empty signature sequence as valid [rhboac-camel-quarkus-3] (CVE-2026-5588)\n * bcprov-jdk18on: GOSTCTR implementation unable to process more than 255 blocks correctly [rhboac-camel-quarkus-3] (CVE-2025-14813)\n * kafka-clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management [rhboac-camel-quarkus-3] (CVE-2026-35554)\n * quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests [rhboac-camel-quarkus-3] (CVE-2026-39852)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:13631",
"url": "https://access.redhat.com/errata/RHSA-2026:13631"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0636",
"url": "https://access.redhat.com/security/cve/CVE-2026-0636"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-3505",
"url": "https://access.redhat.com/security/cve/CVE-2026-3505"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-5588",
"url": "https://access.redhat.com/security/cve/CVE-2026-5588"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-14813",
"url": "https://access.redhat.com/security/cve/CVE-2025-14813"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-35554",
"url": "https://access.redhat.com/security/cve/CVE-2026-35554"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39852",
"url": "https://access.redhat.com/security/cve/CVE-2026-39852"
},
{
"category": "external",
"summary": "2455916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455916"
},
{
"category": "external",
"summary": "2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "external",
"summary": "2458634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458634"
},
{
"category": "external",
"summary": "2458638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458638"
},
{
"category": "external",
"summary": "2458640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458640"
},
{
"category": "external",
"summary": "2458641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458641"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_13631.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.SP1)",
"tracking": {
"current_release_date": "2026-07-03T12:02:32+00:00",
"generator": {
"date": "2026-07-03T12:02:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:13631",
"initial_release_date": "2026-05-05T07:56:59+00:00",
"revision_history": [
{
"date": "2026-05-05T07:56:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-05T07:56:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T12:02:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
"product": {
"name": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
"product_id": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_quarkus:3.27"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-14813",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2026-04-15T10:01:27.769752+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458640"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `GOSTCTR` implementation is unable to securely process more than 255 blocks of data due to keystream reuse. This issue allows an attacker to break the fundamental confidentiality of any data protected by the `G3413CTRBlockCipher`, potentially leading to the recovery and access of encrypted data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to capture ciphertext encrypted by the `GOSTCTR` implementation where the `G3413CTRBlockCipher` processed more than 255 blocks of data, resulting in keystream reuse. An attack typically requires capturing these overlapping ciphertexts to perform cryptanalysis and uncover the underlying data.\nThe primary impact of this vulnerability is the potential loss of confidentiality for data encrypted by the `GOSTCTR` implementation. This can compromise encrypted communications or sensitive stored data by allowing an attacker to fully recover the plaintext.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14813"
},
{
"category": "external",
"summary": "RHBZ#2458640",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458640"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14813"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9014813",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%9014813"
}
],
"release_date": "2026-04-15T08:56:34.057000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T07:56:59+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13631"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, strictly limit the payload encrypted under a single key and Initialization Vector (IV) pair using the GOSTCTR implementation and G3413CTRBlockCipher to a maximum of 255 blocks. Alternatively, transition to a more secure, standardized and authenticated encryption mode.",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly"
},
{
"cve": "CVE-2026-0636",
"cwe": {
"id": "CWE-90",
"name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
},
"discovery_date": "2026-04-15T10:01:32.911938+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458641"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcprov. The `LDAPStoreHelper` implementation fails to properly neutralize special elements in user-supplied input before incorporating them into LDAP queries. This allows a remote attacker to execute an LDAP injection attack by supplying crafted input, potentially leading to disclosure of sensitive information or the manipulation of directory search queries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to submit crafted input to an application using the `LDAPStoreHelper` implementation for directory queries. An attack typically requires the application to pass the malicious input directly into a search filter, allowing the attacker to modify the resulting LDAP query.\nThe primary impact of this vulnerability is the loss of confidentiality and integrity for directory data. This can allow an attacker to bypass search restrictions and manipulate directory results, potentially leading to unauthorized access or privilege escalation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0636"
},
{
"category": "external",
"summary": "RHBZ#2458641",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458641"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0636",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0636"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0636",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0636"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde",
"url": "https://github.com/bcgit/bc-java/commit/d20cdb8430e09224114fec0179a71859929fcbde"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%900636"
}
],
"release_date": "2026-04-15T08:59:12.677000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T07:56:59+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13631"
},
{
"category": "workaround",
"details": "To mitigate this flaw, sanitize all user-supplied input to remove or escape LDAP special characters before passing it to the LDAPStoreHelper for directory queries. If the input contains unexpected metacharacters such as asterisks, parentheses or backslashes, reject the request or escape the characters.",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java"
},
{
"cve": "CVE-2026-3505",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-15T10:01:17.415497+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458638"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpg. A specially crafted PGP AEAD (Authenticated Encryption with Associated Data) message with an unbounded chunk size can lead to an excessive consumption of memory. This issue allows an unauthenticated remote attacker to cause memory exhaustion in a JVM, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to submit a specially crafted PGP AEAD message containing an unbounded chunk size to an application. An attack typically requires the application to process this malformed data, resulting in the uncontrolled allocation of memory resources.\nThe primary impact of this vulnerability is a compromise of system availability, allowing an unauthenticated remote attacker to cause memory exhaustion in a JVM, resulting in a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-3505"
},
{
"category": "external",
"summary": "RHBZ#2458638",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458638"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-3505",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3505"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3505",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3505"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%903505",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%903505"
}
],
"release_date": "2026-04-15T09:06:37.939000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T07:56:59+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13631"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, enforce payload size limits on all incoming PGP messages before processing them. Additionally, apply memory quotas to the JVM or container environment to prevent a complete system outage in the event of memory exhaustion.",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion"
},
{
"cve": "CVE-2026-5588",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-04-15T10:00:59.672015+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix. The PKIX draft `CompositeVerifier` implementation improperly accepts an empty signature sequence as a valid cryptographic signature. This issue allows a remote attacker to bypass signature verification mechanisms, potentially compromising the authenticity and integrity of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to submit a crafted payload or token containing an empty signature sequence to an application using the `CompositeVerifier` for cryptographic validation. An attack typically requires the application to process this malformed data and improperly accept the empty sequence as a valid signature, bypassing standard verification checks.\nThe primary impact of this vulnerability is the compromise of data authenticity and integrity, allowing an attacker to forge digital signatures and impersonate trusted entities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-5588"
},
{
"category": "external",
"summary": "RHBZ#2458634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-5588",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5588"
},
{
"category": "external",
"summary": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905588",
"url": "https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902026%E2%80%905588"
}
],
"release_date": "2026-04-15T09:06:15.617000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T07:56:59+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13631"
},
{
"category": "workaround",
"details": "To mitigate this flaw, check that the signature sequence is not empty before passing any data to the CompositeVerifier for cryptographic validation. If the sequence is empty or null, explicitly reject the payload before it is processed.",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid"
},
{
"cve": "CVE-2026-35554",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-07T14:01:09.792155+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455916"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Apache Kafka Java producer client. A race condition in the client\u0027s buffer pool management can cause messages to be silently delivered to incorrect topics. This occurs when a message batch expires while its network request is still active, leading to premature buffer deallocation and potential reuse by other messages. Consequently, sensitive data may be exposed to unauthorized consumers, and data integrity can be compromised through deserialization failures and processing errors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35554"
},
{
"category": "external",
"summary": "RHBZ#2455916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455916"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35554",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35554"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35554",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35554"
},
{
"category": "external",
"summary": "https://issues.apache.org/jira/browse/KAFKA-19012",
"url": "https://issues.apache.org/jira/browse/KAFKA-19012"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/f07x7j8ovyqhjd1to25jsnqbm6wj01d6",
"url": "https://lists.apache.org/thread/f07x7j8ovyqhjd1to25jsnqbm6wj01d6"
}
],
"release_date": "2026-04-07T13:07:08.679000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T07:56:59+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13631"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management"
},
{
"cve": "CVE-2026-39852",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-04-13T13:26:46.572000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457819"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus\u0027s security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39852"
},
{
"category": "external",
"summary": "RHBZ#2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9"
}
],
"release_date": "2026-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-05T07:56:59+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13631"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure a reverse proxy or load balancer in front of the Quarkus application to normalize incoming URL paths by stripping matrix parameters (semicolons) before requests reach the Quarkus security layer. This ensures that authorization checks are performed on the intended path. Ensure that any changes to proxy configurations are thoroughly tested and services are reloaded or restarted as necessary to apply the new settings.",
"product_ids": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests"
}
]
}
RHSA-2026:17789
Vulnerability from csaf_redhat - Published: 2026-05-26 03:53 - Updated: 2026-07-06 03:33A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Workaround
|
A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Workaround
|
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Workaround
|
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Workaround
|
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Workaround
|
A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Workaround
|
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Workaround
|
A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Workaround
|
A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Workaround
|
A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus's security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — |
Workaround
|
A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 | — | ||
| Unresolved product id: 9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 | — |
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:17789 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2430180 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2447142 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2447143 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2447144 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2447145 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2449833 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2451867 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2452453 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2452456 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2453496 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455470 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455972 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455975 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2460221 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2460297 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2026-1002 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2430180 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-1002 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-1002 | external |
| https://github.com/eclipse-vertx/vert.x/pull/5895 | external |
| https://access.redhat.com/security/cve/CVE-2026-1525 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2447144 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-1525 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-1525 | external |
| https://cna.openjsf.org/security-advisories.html | external |
| https://cwe.mitre.org/data/definitions/444.html | external |
| https://github.com/nodejs/undici/security/advisor… | external |
| https://hackerone.com/reports/3556037 | external |
| https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6 | external |
| https://access.redhat.com/security/cve/CVE-2026-1526 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2447142 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-1526 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-1526 | external |
| https://datatracker.ietf.org/doc/html/rfc7692 | external |
| https://github.com/nodejs/undici/security/advisor… | external |
| https://hackerone.com/reports/3481206 | external |
| https://access.redhat.com/security/cve/CVE-2026-1528 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2447145 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-1528 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-1528 | external |
| https://github.com/nodejs/undici/security/advisor… | external |
| https://hackerone.com/reports/3537648 | external |
| https://access.redhat.com/security/cve/CVE-2026-2229 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2447143 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-2229 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-2229 | external |
| https://github.com/nodejs/undici/security/advisor… | external |
| https://hackerone.com/reports/3487486 | external |
| https://nodejs.org/api/zlib.html#class-zlibinflateraw | external |
| https://access.redhat.com/security/cve/CVE-2026-4800 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2453496 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-4800 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-4800 | external |
| https://github.com/advisories/GHSA-35jh-r3h4-6jhm | external |
| https://github.com/lodash/lodash/commit/3469357cf… | external |
| https://access.redhat.com/security/cve/CVE-2026-4926 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2451867 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-4926 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-4926 | external |
| https://access.redhat.com/security/cve/CVE-2026-33186 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2449833 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33186 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33186 | external |
| https://github.com/grpc/grpc-go/security/advisori… | external |
| https://access.redhat.com/security/cve/CVE-2026-33813 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2460221 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33813 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33813 | external |
| https://go.dev/cl/759860 | external |
| https://go.dev/issue/78407 | external |
| https://pkg.go.dev/vuln/GO-2026-4961 | external |
| https://access.redhat.com/security/cve/CVE-2026-33815 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455975 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33815 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33815 | external |
| https://pkg.go.dev/vuln/GO-2026-4771 | external |
| https://access.redhat.com/security/cve/CVE-2026-33816 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455972 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33816 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33816 | external |
| https://pkg.go.dev/vuln/GO-2026-4772 | external |
| https://access.redhat.com/security/cve/CVE-2026-33870 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2452453 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33870 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33870 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://w4ke.info/2025/06/18/funky-chunks.html | external |
| https://w4ke.info/2025/10/29/funky-chunks-2.html | external |
| https://www.rfc-editor.org/rfc/rfc9110 | external |
| https://access.redhat.com/security/cve/CVE-2026-33871 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2452456 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33871 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33871 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-34986 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2455470 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-34986 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-34986 | external |
| https://github.com/go-jose/go-jose/security/advis… | external |
| https://pkg.go.dev/github.com/go-jose/go-jose/v4#… | external |
| https://access.redhat.com/security/cve/CVE-2026-39852 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-39852 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-39852 | external |
| https://github.com/quarkusio/quarkus/security/adv… | external |
| https://access.redhat.com/security/cve/CVE-2026-40895 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2460297 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-40895 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-40895 | external |
| https://github.com/follow-redirects/follow-redire… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "New Red Hat build of Cryostat 4.2.0 on RHEL 9 container images are now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Cryostat 4 on RHEL 9 container images have been updated to fix several bugs.\n\nUsers of Cryostat 4 on RHEL 9 container images are advised to upgrade to these updated images, which contain backported patches to fix these bugs and add these enhancements. Users of these images are also encouraged to rebuild all container images that depend on these images.\n\nSecurity Fix(es):\n\n* golang.org/x/image: Denial of Service via malformed WEBP image parsing (CVE-2026-33813)\n* follow-redirects: Information disclosure via cross-domain redirects (CVE-2026-40895)\n* io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests (CVE-2026-39852)\n* github.com/jackc/pgx: Memory-safety vulnerability (CVE-2026-33815, CVE-2026-33816)\n* github.com/go-jose/go-jose: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)\n* lodash: Arbitrary code execution via untrusted input in template imports (CVE-2026-4800)\n* netty: Denial of Service via HTTP/2 CONTINUATION frame flood (CVE-2026-33871)\n* io.netty/netty-codec-http: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values (CVE-2026-33870)\n* path-to-regexp: Denial of Service via crafted regular expressions (CVE-2026-4926)\n* undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers (CVE-2026-1525)\n* google.golang.org/grpc: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186)\n* undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression (CVE-2026-1526)\n* undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter (CVE-2026-2229)\n* undici: Denial of Service via crafted WebSocket frame with large length (CVE-2026-1528)\n* io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files (CVE-2026-1002)\n\nYou can find images updated by this advisory in the Red Hat Container Catalog (see the References section).",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:17789",
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "2451867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451867"
},
{
"category": "external",
"summary": "2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "external",
"summary": "2460221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460221"
},
{
"category": "external",
"summary": "2460297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_17789.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Cryostat 4.2.0: new RHEL 9 container image security update",
"tracking": {
"current_release_date": "2026-07-06T03:33:21+00:00",
"generator": {
"date": "2026-07-06T03:33:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:17789",
"initial_release_date": "2026-05-26T03:53:34+00:00",
"revision_history": [
{
"date": "2026-05-26T03:53:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-26T03:53:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-06T03:33:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cryostat 4 on RHEL 9",
"product": {
"name": "Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cryostat:4::el9"
}
}
}
],
"category": "product_family",
"name": "Cryostat"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"product": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"product_id": "cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9\u0026tag=0.7.0-7"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"product": {
"name": "cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"product_id": "cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9\u0026tag=4.2.0-13"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"product": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9\u0026tag=4.2.0-9"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"product": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9\u0026tag=4.2.0-9"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"product": {
"name": "cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"product_id": "cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9\u0026tag=4.2.0-9"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"product": {
"name": "cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"product_id": "cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9\u0026tag=4.2.0-9"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"product": {
"name": "cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"product_id": "cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle\u0026tag=4.2.0-7"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"product": {
"name": "cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"product_id": "cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator\u0026tag=4.2.0-13"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"product": {
"name": "cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"product_id": "cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9\u0026tag=4.2.0-13"
}
}
},
{
"category": "product_version",
"name": "cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"product": {
"name": "cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"product_id": "cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9\u0026tag=4.2.0-9"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"product": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"product_id": "cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9\u0026tag=0.7.0-7"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"product": {
"name": "cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"product_id": "cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9\u0026tag=4.2.0-13"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"product": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"product_id": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9\u0026tag=4.2.0-9"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"product": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"product_id": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9\u0026tag=4.2.0-9"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"product": {
"name": "cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"product_id": "cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9\u0026tag=4.2.0-9"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"product": {
"name": "cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"product_id": "cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9\u0026tag=4.2.0-9"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"product": {
"name": "cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"product_id": "cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle\u0026tag=4.2.0-7"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"product": {
"name": "cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"product_id": "cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator\u0026tag=4.2.0-13"
}
}
},
{
"category": "product_version",
"name": "cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"product": {
"name": "cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"product_id": "cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9\u0026tag=4.2.0-13"
}
}
},
{
"category": "product_version",
"name": "cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64",
"product": {
"name": "cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64",
"product_id": "cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333?arch=amd64\u0026repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9\u0026tag=4.2.0-9"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64"
},
"product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64"
},
"product_reference": "cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64"
},
"product_reference": "cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64"
},
"product_reference": "cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64"
},
"product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64"
},
"product_reference": "cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64"
},
"product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64"
},
"product_reference": "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64"
},
"product_reference": "cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64"
},
"product_reference": "cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64"
},
"product_reference": "cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64"
},
"product_reference": "cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64"
},
"product_reference": "cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64"
},
"product_reference": "cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64"
},
"product_reference": "cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
},
"product_reference": "cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64"
},
"product_reference": "cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
},
"product_reference": "cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64"
},
"product_reference": "cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"relates_to_product_reference": "9Base-Cryostat-4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64 as a component of Cryostat 4 on RHEL 9",
"product_id": "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
},
"product_reference": "cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64",
"relates_to_product_reference": "9Base-Cryostat-4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-1002",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-01-15T21:03:20.088599+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430180"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability allows a remote attacker to block access to specific static files, such as images, CSS or HTML files. However, the underlying Vert.x server, the API endpoints and other non-cached resources are not affected. Due to this reason, this issue has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1002"
},
{
"category": "external",
"summary": "RHBZ#2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/pull/5895",
"url": "https://github.com/eclipse-vertx/vert.x/pull/5895"
}
],
"release_date": "2026-01-15T20:50:25.642000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, consider disabling the static handler cache by configuring the StaticHandler instance with setCachingEnabled(false), for example:\n\n~~~\nStaticHandler staticHandler = StaticHandler.create().setCachingEnabled(false);\n~~~",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files"
},
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-4926",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-03-26T20:03:28.427630+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in `path-to-regexp` that can lead to a Denial of Service. The vulnerability occurs when specially crafted input containing multiple sequential optional groups is used to generate regular expressions, causing exponential resource consumption.\n\nThe Red Hat Advanced Cluster Security is not affected by this issue since it\u0027s shipping a `path-to-regexp` version which doesn\u0027t contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "RHBZ#2451867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4926"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"release_date": "2026-03-26T18:59:38+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, limit the use of multiple sequential optional groups in route patterns within applications that use `path-to-regexp`. Additionally, avoid directly passing user-controlled input as route patterns to prevent the generation of maliciously crafted regular expressions.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33813",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2026-04-21T20:01:02.224363+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460221"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/image. A remote attacker could exploit this vulnerability by providing a specially crafted WEBP image with an invalid, large size. This could cause the application to panic and crash on 32-bit platforms, leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33813"
},
{
"category": "external",
"summary": "RHBZ#2460221",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460221"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33813"
},
{
"category": "external",
"summary": "https://go.dev/cl/759860",
"url": "https://go.dev/cl/759860"
},
{
"category": "external",
"summary": "https://go.dev/issue/78407",
"url": "https://go.dev/issue/78407"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4961",
"url": "https://pkg.go.dev/vuln/GO-2026-4961"
}
],
"release_date": "2026-04-21T19:21:27.644000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing"
},
{
"cve": "CVE-2026-33815",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:25.130006+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455975"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "RHBZ#2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33815"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4771",
"url": "https://pkg.go.dev/vuln/GO-2026-4771"
}
],
"release_date": "2026-04-07T15:19:24.344000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-33816",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:14.142946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "RHBZ#2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4772",
"url": "https://pkg.go.dev/vuln/GO-2026-4772"
}
],
"release_date": "2026-04-07T15:19:24.529000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-33870",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-27T21:01:59.865839+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452453"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33870"
},
{
"category": "external",
"summary": "RHBZ#2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8",
"url": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/10/29/funky-chunks-2.html",
"url": "https://w4ke.info/2025/10/29/funky-chunks-2.html"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110",
"url": "https://www.rfc-editor.org/rfc/rfc9110"
}
],
"release_date": "2026-03-27T19:54:15.586000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values"
},
{
"cve": "CVE-2026-33871",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-27T21:02:13.396015+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452456"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server\u0027s lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This important vulnerability in Netty HTTP/2 servers allows a remote attacker to cause a Denial of Service by sending a flood of CONTINUATION frames. This can lead to excessive CPU consumption and render the server unresponsive. Red Hat products utilizing affected Netty versions, such as Red Hat AMQ, Enterprise Application Platform, and OpenShift Container Platform components, are impacted if configured to use HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33871"
},
{
"category": "external",
"summary": "RHBZ#2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv"
}
],
"release_date": "2026-03-27T19:55:23.135000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-39852",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-04-13T13:26:46.572000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457819"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus\u0027s security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39852"
},
{
"category": "external",
"summary": "RHBZ#2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9"
}
],
"release_date": "2026-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure a reverse proxy or load balancer in front of the Quarkus application to normalize incoming URL paths by stripping matrix parameters (semicolons) before requests reach the Quarkus security layer. This ensures that authorization checks are performed on the intended path. Ensure that any changes to proxy configurations are thoroughly tested and services are reloaded or restarted as necessary to apply the new settings.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests"
},
{
"cve": "CVE-2026-40895",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2026-04-21T21:02:33.280553+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460297"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in follow-redirects. When an HTTP request follows a cross-domain redirect (a redirection to a different domain), custom authentication headers, such as X-API-Key or X-Auth-Token, are not properly stripped. This allows these sensitive headers to be forwarded verbatim to the redirect target, potentially leading to the unintended disclosure of authentication information to an untrusted third party.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64"
],
"known_not_affected": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40895"
},
{
"category": "external",
"summary": "RHBZ#2460297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40895"
},
{
"category": "external",
"summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653",
"url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-r4q5-vmmm-2653"
}
],
"release_date": "2026-04-21T19:59:59.759000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-26T03:53:34+00:00",
"details": "You can download the Cryostat 4 on RHEL 9 container images that this update provides from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available in the Red Hat Container Catalog (see the References section).\n\nDockerfiles and scripts should be amended to refer to this new image specifically or to the latest image generally.",
"product_ids": [
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:05904c67af6e6d63949ea48f330cc3f9c4ce567dcf83b021dfb5360c48f9ae97_amd64",
"9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:5e162295c4cce6d9def315835bfe671bf88f429a9dfbf1ee26bf1858c4702e5b_arm64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:9da420fb6051f62e735fc3b4507cfa4faba5cf983a7d3dceb5fd821c52595f8c_amd64",
"9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:e6a27d9520ca69341235411b7dfab6366f73311fa0147f345c29a90dcb823d81_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8270ad1bdb5394e463b8f688fe39adbfd3177881f3a3ed0e188f5acd07b12747_arm64",
"9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:ebed34803b5872d40fba925204af828932baba2501dd3cc751802fd2c3c5ef18_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:a8e549b2557877c4e4ce8c13073f912b4fef397aa820bce20902b405778cd588_amd64",
"9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:d1b918ec986072f9b35182414d9d785bdcf511044e33070d9e665b832e9bdc97_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:02939e59fc5fb80eafdb3ccbe30840f5a16c174fc78856dc3ad993e3cbec5ff0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:6c02eb8e3d175bbc9295934f3560652ab0d53d34ad8ebdc6cd573f00ca8fac87_amd64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2842124c4358b187ff5fb7e82ec20dd0b3c6a177fb604ff1087a5e6e0de5a9d0_arm64",
"9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:2d29b9fc42e33af7ec5871fc6753a9922542ab644de5fc661cdd811ce41fc203_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:143275d78803237bd4e9c339beda5a861b6e8de6fae0e55a329f983437595610_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:b93e4a60ac90f538549f6694d7d016522a325b64731b9c99a2b55a7afac9c1a9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:0cd0765ead8288d987e54791a82bc9d410370daf45649d704f5f4b1b25827e7f_arm64",
"9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:fdd88ec5966a2deea291c4daaa28552056bf3fb88fa027fec0686b36c114f9c9_amd64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6efb1b537d52c12b59a02929c57b31ae3ee04cfb1f6c091d0e6967212c71f1fb_arm64",
"9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:8c76f05ffe0a2f3dd6b050cd455b48611e4edb16077f0e19dae4be2a52b654c3_amd64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:5f6e2740e4ae7211c2a94e89db535d7be39761da38373763f1ea694211cc2c4f_arm64",
"9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:f6a39d2a84f70d7e817be34f17846a76699aa2d554a7a8f1e2f93079eeba6333_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "follow-redirects: follow-redirects: Information disclosure via cross-domain redirects"
}
]
}
RHSA-2026:25089
Vulnerability from csaf_redhat - Published: 2026-06-10 15:39 - Updated: 2026-07-06 01:10A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in org.eclipse.jetty. A remote attacker can exploit this vulnerability by sending a compressed HTTP request with Content-Encoding: gzip when the server's response is not compressed. This prevents the release of the JDK Inflater, leading to a resource leak. This resource exhaustion can result in a Denial of Service (DoS), making the server unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Eclipse Jetty. The HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used. An attacker can inject crafted requests to manipulate and trick the parser. This issue can lead to security controls bypass, cache poisoning or unauthorized endpoint access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Eclipse Jetty. The `JASPIAuthenticator` class is responsible for handling authentication checks. During these checks, the class sets two ThreadLocal variables to store authentication state. Under certain conditions, the authentication process can return early without properly clearing the ThreadLocal variables, allowing a subsequent request to inherit the un-cleared ThreadLocal values. This issue can cause broken access control, authentication bypass, privilege escalation and data breaches.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by providing a specially crafted Uniform Resource Locator (URL) containing percent-encoded path separators and dot segments. Due to incorrect processing, fast-uri would decode these elements before proper normalization, leading to distinct URLs resolving to the same internal path. This could allow an attacker to bypass security policies that rely on path-based comparisons, potentially gaining unauthorized access to resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Spring Boot. This vulnerability, an authentication bypass, occurs when an application endpoint requiring authentication is declared under a specific path already configured for a Health Group additional path. A remote attacker could exploit this to bypass authentication, potentially gaining unauthorized access to sensitive application endpoints. This could lead to information disclosure or unauthorized actions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
|
A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus's security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Spring Boot. An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about a remote secret. In extreme circumstances, this could allow the attacker to determine the secret and upload changed classes, leading to remote code execution in the remote application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Spring Boot. A local attacker on the same host as the application may be able to take control of the `ApplicationTemp` directory due to predictable temporary directory handling. When the `server.servlet.session.persistent` setting is enabled and the attack persists across application restarts, this could allow the attacker to read session information, hijack authenticated user sessions, or execute arbitrary code as the application's user.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Spring Boot. The `${random.value}` property source utilizes a weak pseudo-random number generator (PRNG), meaning the values it produces are not sufficiently random for use as cryptographic secrets. An attacker could potentially predict these values, which may lead to information disclosure or a security bypass if they are used in sensitive applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application's core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution "Gadget" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HawtIO HawtIO 4.4.0
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_hawtio:4.4::el9
|
— |
Vendor Fix
fix
Workaround
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:25089 | self |
| https://access.redhat.com/security/updates/classi… | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2025-13465 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2431740 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-13465 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-13465 | external |
| https://github.com/lodash/lodash/security/advisor… | external |
| https://access.redhat.com/security/cve/CVE-2025-61726 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2434432 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-61726 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-61726 | external |
| https://go.dev/cl/736712 | external |
| https://go.dev/issue/77101 | external |
| https://groups.google.com/g/golang-announce/c/Vd2… | external |
| https://pkg.go.dev/vuln/GO-2026-4341 | external |
| https://access.redhat.com/security/cve/CVE-2025-61729 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2418462 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-61729 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-61729 | external |
| https://go.dev/cl/725920 | external |
| https://go.dev/issue/76445 | external |
| https://groups.google.com/g/golang-announce/c/8FJ… | external |
| https://pkg.go.dev/vuln/GO-2025-4155 | external |
| https://access.redhat.com/security/cve/CVE-2026-1002 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2430180 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-1002 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-1002 | external |
| https://github.com/eclipse-vertx/vert.x/pull/5895 | external |
| https://access.redhat.com/security/cve/CVE-2026-1605 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2444815 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-1605 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-1605 | external |
| https://github.com/jetty/jetty.project/security/a… | external |
| https://access.redhat.com/security/cve/CVE-2026-2332 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2458187 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-2332 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-2332 | external |
| https://github.com/jetty/jetty.project/security/a… | external |
| https://gitlab.eclipse.org/security/cve-assignmen… | external |
| https://access.redhat.com/security/cve/CVE-2026-5795 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2456519 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-5795 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-5795 | external |
| https://github.com/advisories/GHSA-gc59-r5jq-98qw | external |
| https://access.redhat.com/security/cve/CVE-2026-6321 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2466582 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-6321 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-6321 | external |
| https://cna.openjsf.org/security-advisories.html | external |
| https://github.com/fastify/fast-uri/security/advi… | external |
| https://access.redhat.com/security/cve/CVE-2026-22731 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2449290 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-22731 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-22731 | external |
| https://spring.io/security/cve-2026-22731 | external |
| https://access.redhat.com/security/cve/CVE-2026-32280 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2456339 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-32280 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-32280 | external |
| https://go.dev/cl/758320 | external |
| https://go.dev/issue/78282 | external |
| https://groups.google.com/g/golang-announce/c/0uY… | external |
| https://pkg.go.dev/vuln/GO-2026-4947 | external |
| https://access.redhat.com/security/cve/CVE-2026-32281 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2456333 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-32281 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-32281 | external |
| https://go.dev/cl/758061 | external |
| https://go.dev/issue/78281 | external |
| https://pkg.go.dev/vuln/GO-2026-4946 | external |
| https://access.redhat.com/security/cve/CVE-2026-32282 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2456336 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-32282 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-32282 | external |
| https://go.dev/cl/763761 | external |
| https://go.dev/issue/78293 | external |
| https://pkg.go.dev/vuln/GO-2026-4864 | external |
| https://access.redhat.com/security/cve/CVE-2026-33810 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2456335 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33810 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33810 | external |
| https://go.dev/cl/763763 | external |
| https://go.dev/issue/78332 | external |
| https://pkg.go.dev/vuln/GO-2026-4866 | external |
| https://access.redhat.com/security/cve/CVE-2026-39852 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-39852 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-39852 | external |
| https://github.com/quarkusio/quarkus/security/adv… | external |
| https://access.redhat.com/security/cve/CVE-2026-40972 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2463332 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-40972 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-40972 | external |
| https://spring.io/security/cve-2026-40972 | external |
| https://access.redhat.com/security/cve/CVE-2026-40973 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2463330 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-40973 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-40973 | external |
| https://spring.io/security/cve-2026-40973 | external |
| https://access.redhat.com/security/cve/CVE-2026-40975 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2463331 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-40975 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-40975 | external |
| https://spring.io/security/cve-2026-40975 | external |
| https://access.redhat.com/security/cve/CVE-2026-42033 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2461607 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42033 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42033 | external |
| https://github.com/axios/axios/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-42035 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2461606 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42035 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42035 | external |
| https://github.com/axios/axios/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-42039 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2461630 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42039 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42039 | external |
| https://github.com/axios/axios/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-42041 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2461629 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42041 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42041 | external |
| https://github.com/axios/axios/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-42043 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2461626 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42043 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42043 | external |
| https://github.com/axios/axios/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-42044 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2461624 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42044 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42044 | external |
| https://github.com/axios/axios/security/advisorie… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "HawtIO 4.4.0 for Red Hat build of Apache Camel 4 GA Release is now available.\n\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "HawtIO 4.4.0 for Red Hat build of Apache Camel 4 GA Release is now available.\n\nThe purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products.\n\n* spring boot: Remote code execution via timing attack in DevTools remote secret comparison [CVE-2026-40972]\n\n* axios: Invisible JSON Response Tampering via Prototype Pollution Gadget [CVE-2026-42044]\n\n* spring-boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory [CVE-2026-40973]\n\n* io.hawt-project: fast-uri: Path traversal vulnerability allows bypass of security policies [CVE-2026-6321]\n\n* axios: Authentication bypass due to prototype pollution of HTTP error handling [CVE-2026-42041]\n\n* axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data [CVE-2026-42039]\n\n* axios: NO_PROXY bypass via crafted URL [CVE-2026-42043]\n\n* axios: HTTP Transport Hijacking via Prototype Pollution [CVE-2026-42033]\n\n* spring-boot: Weak pseudo-random number generation can lead to information disclosure. [CVE-2026-40975]\n\n* io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests [CVE-2026-39852]\n\n* jetty-ee10-webapp: early return from the JASPIAuthenticator class without clearing ThreadLocal variables [CVE-2026-5795]\n\n* jetty-ee10-servlet: early return from the JASPIAuthenticator class without clearing ThreadLocal variables [CVE-2026-5795]\n\n* spring-boot: Authentication bypass via misconfigured Health Group additional path [CVE-2026-22731]\n\n* jetty-server: Eclipse Jetty: Denial of Service due to unreleased JDK Inflater from compressed HTTP requests [CVE-2026-1605]\n\n* vertx-core: static handler component cache can be manipulated to deny the access to static files [CVE-2026-1002]\n\n* io.hawt-project: prototype pollution in _.unset and _.omit functions [CVE-2025-13465]\n\n* hawtio-operator-container: golang: Denial of Service due to excessive resource consumption via crafted certificate [CVE-2025-61729]\n\n* hawtio-operator-container: Memory exhaustion in query parameter parsing in net/url [CVE-2025-61726]\n\n* axios:Arbitrary HTTP header injection via prototype pollution [CVE-2026-42035]\n\n* jetty-http: HTTP request smuggling via chunked extension quoted-string parsing [CVE-2026-2332]\n\n* hawtio-operator-container: Go: Denial of Service vulnerability in certificate chain building [CVE-2026-32280]\n\n* hawtio-operator-container: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application [CVE-2026-33810]\n\n* hawtio-operator-container: Go crypto/x509: Denial of Service via inefficient certificate chain validation [CVE-2026-32281]\n\n* hawtio-operator-container: Root.Chmod can follow symlinks out of the root [CVE-2026-32282]",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:25089",
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_25089.json"
}
],
"title": "Red Hat Security Advisory: HawtIO 4.4.0 for Red Hat build of Apache Camel 4 Release and security update.",
"tracking": {
"current_release_date": "2026-07-06T01:10:50+00:00",
"generator": {
"date": "2026-07-06T01:10:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:25089",
"initial_release_date": "2026-06-10T15:39:02+00:00",
"revision_history": [
{
"date": "2026-06-10T15:39:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-10T15:39:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-06T01:10:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "HawtIO HawtIO 4.4.0",
"product": {
"name": "HawtIO HawtIO 4.4.0",
"product_id": "HawtIO HawtIO 4.4.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2026-1002",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-01-15T21:03:20.088599+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430180"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability allows a remote attacker to block access to specific static files, such as images, CSS or HTML files. However, the underlying Vert.x server, the API endpoints and other non-cached resources are not affected. Due to this reason, this issue has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1002"
},
{
"category": "external",
"summary": "RHBZ#2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/pull/5895",
"url": "https://github.com/eclipse-vertx/vert.x/pull/5895"
}
],
"release_date": "2026-01-15T20:50:25.642000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, consider disabling the static handler cache by configuring the StaticHandler instance with setCachingEnabled(false), for example:\n\n~~~\nStaticHandler staticHandler = StaticHandler.create().setCachingEnabled(false);\n~~~",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files"
},
{
"cve": "CVE-2026-1605",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-03-05T11:00:57.250283+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444815"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in org.eclipse.jetty. A remote attacker can exploit this vulnerability by sending a compressed HTTP request with Content-Encoding: gzip when the server\u0027s response is not compressed. This prevents the release of the JDK Inflater, leading to a resource leak. This resource exhaustion can result in a Denial of Service (DoS), making the server unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty/jetty-server: Eclipse Jetty: Denial of Service due to unreleased JDK Inflater from compressed HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1605"
},
{
"category": "external",
"summary": "RHBZ#2444815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444815"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1605",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1605"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1605",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1605"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-xxh7-fcf3-rj7f",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-xxh7-fcf3-rj7f"
}
],
"release_date": "2026-03-05T09:39:01.315000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.eclipse.jetty/jetty-server: Eclipse Jetty: Denial of Service due to unreleased JDK Inflater from compressed HTTP requests"
},
{
"cve": "CVE-2026-2332",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-04-14T12:01:05.768902+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2458187"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse Jetty. The HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used. An attacker can inject crafted requests to manipulate and trick the parser. This issue can lead to security controls bypass, cache poisoning or unauthorized endpoint access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to send a crafted payload to a Jetty server that is behind a reverse proxy or load balancer, specifically with a chunk extension that includes an unclosed double quote before the CRLF to trick the parser. This flaw allows an attacker to bypass security controls, cause cache poisoning or gain unauthorized endpoint access. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2332"
},
{
"category": "external",
"summary": "RHBZ#2458187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2332",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2332"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2332",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2332"
},
{
"category": "external",
"summary": "https://github.com/jetty/jetty.project/security/advisories/GHSA-355h-qmc2-wpwf",
"url": "https://github.com/jetty/jetty.project/security/advisories/GHSA-355h-qmc2-wpwf"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/89",
"url": "https://gitlab.eclipse.org/security/cve-assignment/-/issues/89"
}
],
"release_date": "2026-04-14T10:59:10.193000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing"
},
{
"cve": "CVE-2026-5795",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"discovery_date": "2026-04-08T14:01:02.911884+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456519"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Eclipse Jetty. The `JASPIAuthenticator` class is responsible for handling authentication checks. During these checks, the class sets two ThreadLocal variables to store authentication state. Under certain conditions, the authentication process can return early without properly clearing the ThreadLocal variables, allowing a subsequent request to inherit the un-cleared ThreadLocal values. This issue can cause broken access control, authentication bypass, privilege escalation and data breaches.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.eclipse.jetty.ee10/jetty-ee10: early return from the JASPIAuthenticator class without clearing ThreadLocal variables",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is only exploitable when `JASPIAuthenticator` class returns early and a subsequent request inherits the un-cleared ThreadLocal values. This requires a new request to be assigned the exact same recycled thread, increasing the complexity of exploitation. Due to these reasons, this flaw has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-5795"
},
{
"category": "external",
"summary": "RHBZ#2456519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456519"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-5795",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-5795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-5795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5795"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gc59-r5jq-98qw",
"url": "https://github.com/advisories/GHSA-gc59-r5jq-98qw"
}
],
"release_date": "2026-04-08T13:32:28.935000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "org.eclipse.jetty.ee10/jetty-ee10: early return from the JASPIAuthenticator class without clearing ThreadLocal variables"
},
{
"cve": "CVE-2026-6321",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-05-04T20:01:14.938426+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466582"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-uri. A remote attacker could exploit this vulnerability by providing a specially crafted Uniform Resource Locator (URL) containing percent-encoded path separators and dot segments. Due to incorrect processing, fast-uri would decode these elements before proper normalization, leading to distinct URLs resolving to the same internal path. This could allow an attacker to bypass security policies that rely on path-based comparisons, potentially gaining unauthorized access to resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6321"
},
{
"category": "external",
"summary": "RHBZ#2466582",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466582"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6321",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6321"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6",
"url": "https://github.com/fastify/fast-uri/security/advisories/GHSA-q3j6-qgpj-74h6"
}
],
"release_date": "2026-05-04T19:31:57.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-uri: fast-uri: Path traversal vulnerability allows bypass of security policies"
},
{
"cve": "CVE-2026-22731",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"discovery_date": "2026-03-19T23:02:37.111109+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449290"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Boot. This vulnerability, an authentication bypass, occurs when an application endpoint requiring authentication is declared under a specific path already configured for a Health Group additional path. A remote attacker could exploit this to bypass authentication, potentially gaining unauthorized access to sensitive application endpoints. This could lead to information disclosure or unauthorized actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Spring Boot: Spring Boot: Authentication bypass via misconfigured Health Group additional path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22731"
},
{
"category": "external",
"summary": "RHBZ#2449290",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449290"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22731",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22731"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22731",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22731"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2026-22731",
"url": "https://spring.io/security/cve-2026-22731"
}
],
"release_date": "2026-03-19T22:36:15.112000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "To mitigate, ensure that application endpoints requiring authentication are not declared under paths already configured as Health Group additional paths within Spring Boot applications using Actuator. Review and adjust your application\u0027s configuration to prevent this overlap. A redeployment of the application is required for changes to take effect.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Spring Boot: Spring Boot: Authentication bypass via misconfigured Health Group additional path"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-33810",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-08T02:01:09.100830+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456335"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Go `crypto/x509` package that could allow an attacker to bypass certificate validation. The vulnerability arises from an incorrect application of excluded DNS constraints to wildcard DNS Subject Alternative Names (SANs) when their case differs from the constraint. This could lead to Red Hat products accepting malicious certificates from otherwise trusted chains, compromising the trust model.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "RHBZ#2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://go.dev/cl/763763",
"url": "https://go.dev/cl/763763"
},
{
"category": "external",
"summary": "https://go.dev/issue/78332",
"url": "https://go.dev/issue/78332"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4866",
"url": "https://pkg.go.dev/vuln/GO-2026-4866"
}
],
"release_date": "2026-04-08T01:06:56.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application"
},
{
"cve": "CVE-2026-39852",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-04-13T13:26:46.572000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457819"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus\u0027s security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39852"
},
{
"category": "external",
"summary": "RHBZ#2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9"
}
],
"release_date": "2026-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure a reverse proxy or load balancer in front of the Quarkus application to normalize incoming URL paths by stripping matrix parameters (semicolons) before requests reach the Quarkus security layer. This ensures that authorization checks are performed on the intended path. Ensure that any changes to proxy configurations are thoroughly tested and services are reloaded or restarted as necessary to apply the new settings.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests"
},
{
"cve": "CVE-2026-40972",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2026-04-28T00:02:02.075124+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463332"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Boot. An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about a remote secret. In extreme circumstances, this could allow the attacker to determine the secret and upload changed classes, leading to remote code execution in the remote application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Spring Boot: Spring Boot: Remote code execution via timing attack in DevTools remote secret comparison",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40972"
},
{
"category": "external",
"summary": "RHBZ#2463332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40972",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40972"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40972",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40972"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2026-40972",
"url": "https://spring.io/security/cve-2026-40972"
}
],
"release_date": "2026-04-27T23:15:19.194000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the Spring Boot DevTools remote functionality in production environments. This feature is primarily intended for development and should not be enabled in publicly accessible deployments.\n\nTo disable remote DevTools, ensure the `spring.devtools.remote.secret` property is not configured, or explicitly set `spring.devtools.remote.enabled=false` in your application\u0027s `application.properties` or `application.yml` file.\n\nExample for `application.properties`:\n`spring.devtools.remote.enabled=false`\n\nDisabling this feature may impact development workflows that rely on remote DevTools capabilities. A restart of the application is required for the changes to take effect.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Spring Boot: Spring Boot: Remote code execution via timing attack in DevTools remote secret comparison"
},
{
"cve": "CVE-2026-40973",
"cwe": {
"id": "CWE-341",
"name": "Predictable from Observable State"
},
"discovery_date": "2026-04-28T00:01:55.408040+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463330"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Boot. A local attacker on the same host as the application may be able to take control of the `ApplicationTemp` directory due to predictable temporary directory handling. When the `server.servlet.session.persistent` setting is enabled and the attack persists across application restarts, this could allow the attacker to read session information, hijack authenticated user sessions, or execute arbitrary code as the application\u0027s user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40973"
},
{
"category": "external",
"summary": "RHBZ#2463330",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463330"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40973",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40973"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2026-40973",
"url": "https://spring.io/security/cve-2026-40973"
}
],
"release_date": "2026-04-27T23:29:51.946000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "To mitigate this issue, ensure that the `server.servlet.session.persistent` property is set to `false` in your Spring Boot application\u0027s configuration. This prevents session information from being written to the predictable temporary directory, thereby removing the conditions necessary for exploitation. Disabling persistent sessions may affect application behavior that relies on session data surviving restarts.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory"
},
{
"cve": "CVE-2026-40975",
"cwe": {
"id": "CWE-338",
"name": "Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"
},
"discovery_date": "2026-04-28T00:01:58.716976+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2463331"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Spring Boot. The `${random.value}` property source utilizes a weak pseudo-random number generator (PRNG), meaning the values it produces are not sufficiently random for use as cryptographic secrets. An attacker could potentially predict these values, which may lead to information disclosure or a security bypass if they are used in sensitive applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Spring Boot: Spring Boot: Weak pseudo-random number generation can lead to information disclosure.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40975"
},
{
"category": "external",
"summary": "RHBZ#2463331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463331"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40975",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40975"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40975",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40975"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2026-40975",
"url": "https://spring.io/security/cve-2026-40975"
}
],
"release_date": "2026-04-27T23:32:58.596000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "Applications utilizing Spring Boot should avoid using the `${random.value}` property for generating cryptographic secrets or other security-sensitive data. Developers should review their application configurations and code to ensure that only cryptographically strong random number generators are used for such purposes. For UUID generation, `${random.uuid}` is not affected and can be used.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Spring Boot: Spring Boot: Weak pseudo-random number generation can lead to information disclosure."
},
{
"cve": "CVE-2026-42033",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:20.937507+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461607"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, an HTTP client library. This vulnerability allows an attacker to exploit a prototype pollution issue if another part of the application has already polluted the Object.prototype. By doing so, the attacker can intercept and modify JSON responses or take control of the HTTP communication. This could lead to unauthorized access to sensitive information like user credentials and request details.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42033"
},
{
"category": "external",
"summary": "RHBZ#2461607",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461607"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42033"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pf86-5x62-jrwf"
}
],
"release_date": "2026-04-24T17:36:44.132000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: HTTP Transport Hijacking via Prototype Pollution"
},
{
"cve": "CVE-2026-42035",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T18:01:17.109481+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a software library for making network requests. A remote attacker can exploit a prototype pollution vulnerability to inject arbitrary HTTP headers into outgoing requests. This occurs when the application\u0027s core object definitions are manipulated, causing Axios to misinterpret data and include attacker-controlled headers in network communications. This could lead to unauthorized actions or data manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Arbitrary HTTP header injection via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42035"
},
{
"category": "external",
"summary": "RHBZ#2461606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42035"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42035"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-6chq-wfr3-2hj9"
}
],
"release_date": "2026-04-24T17:38:07.752000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "axios: Axios: Arbitrary HTTP header injection via prototype pollution"
},
{
"cve": "CVE-2026-42039",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-24T19:01:44.887156+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461630"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client for browsers and Node.js. This vulnerability occurs because the `toFormData` function recursively processes nested objects without a depth limit. A remote attacker can exploit this by sending deeply nested request data, which causes the Node.js process to crash due to a RangeError, leading to a potential Denial of Service (DoS) if the process crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42039"
},
{
"category": "external",
"summary": "RHBZ#2461630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461630"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42039",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42039"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42039"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9",
"url": "https://github.com/axios/axios/security/advisories/GHSA-62hf-57xw-28j9"
}
],
"release_date": "2026-04-24T18:01:30.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data"
},
{
"cve": "CVE-2026-42041",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:41.034289+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461629"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, a Prototype Pollution \"Gadget\" attack, allows an attacker to manipulate the `Object.prototype.validateStatus` property. By polluting this property, all HTTP error responses (such as 401, 403, or 500) are silently treated as successful responses. This can lead to a complete bypass of application-level authentication and error handling, potentially granting unauthorized access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42041"
},
{
"category": "external",
"summary": "RHBZ#2461629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461629"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42041",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42041"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63",
"url": "https://github.com/axios/axios/security/advisories/GHSA-w9j2-pvgh-6h63"
}
],
"release_date": "2026-04-24T17:55:30.036000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling"
},
{
"cve": "CVE-2026-42043",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-04-24T19:01:22.552379+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461626"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. An attacker who can control the destination address of an Axios request can exploit this vulnerability. By using specific internal network addresses (within the 127.0.0.0/8 range, excluding 127.0.0.1), the attacker can completely bypass the NO_PROXY protection, potentially leading to unauthorized access or information disclosure within the network. This issue is an incomplete fix for a previous vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: NO_PROXY bypass via crafted URL",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42043"
},
{
"category": "external",
"summary": "RHBZ#2461626",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461626"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42043"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7",
"url": "https://github.com/axios/axios/security/advisories/GHSA-pmwg-cvhr-8vh7"
}
],
"release_date": "2026-04-24T17:54:42.668000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: NO_PROXY bypass via crafted URL"
},
{
"cve": "CVE-2026-42044",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:13.418725+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HawtIO HawtIO 4.4.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "RHBZ#2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
}
],
"release_date": "2026-04-24T17:49:49.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T15:39:02+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HawtIO HawtIO 4.4.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"HawtIO HawtIO 4.4.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"HawtIO HawtIO 4.4.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
}
]
}
RHSA-2026:34608
Vulnerability from csaf_redhat - Published: 2026-07-02 00:03 - Updated: 2026-07-05 17:22A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security (TLS) handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service (DoS) condition, impacting the availability of the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in React Server Components. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to Server Function endpoints. This can lead to a Denial of Service (DoS), causing server crashes, out-of-memory exceptions, or excessive CPU usage, thereby impacting the availability of applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Apache ZooKeeper. The ZKTrustManager component's hostname verification process can fall back to reverse DNS (PTR) lookup when IP Subject Alternative Name (SAN) validation fails. This vulnerability allows an attacker who can control or spoof PTR records to impersonate ZooKeeper servers or clients, provided they possess a valid certificate for the PTR name. This could lead to unauthorized access or manipulation of ZooKeeper services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Apache ZooKeeper. Improper handling of configuration values in ZKConfig allows an attacker to expose sensitive information. This occurs when sensitive client configuration values are logged at an INFO level in the client's logfile. This vulnerability can lead to information disclosure, potentially revealing critical system details to unauthorized parties.
CWE-117 - Improper Output Neutralization for Logs| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
An unbounded disk usage flaw has been discovered in Next.js. The default Next.js image optimization disk cache (`/_next/image`) did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
|
A flaw was found in Apache Log4j Core. The XmlLayout component, responsible for formatting log messages into XML, does not properly remove or replace characters that are not allowed in XML 1.0. When log messages or diagnostic information contain these forbidden characters, the resulting XML output becomes invalid. This can lead to two main issues: either systems processing these logs will fail to read the affected records, or the logging process itself will stop delivering events, both resulting in a denial of service for logging operations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus's security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and execute arbitrary code in the user's browser, leading to Cross-Site Scripting (XSS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted LZ4 compressed data stream. This can cause the Lz4FrameDecoder to allocate a large amount of memory (up to 32 MB per block) before the LZ4 decompression runs, leading to excessive memory consumption and a denial of service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Next.js. Applications utilizing the Pages Router with internationalization (i18n) configured and middleware or proxy-based authorization are susceptible to unauthorized access. A remote attacker can exploit this by making locale-less /_next/data/<buildId>/<page>.json requests, which bypass the intended authorization checks. This allows the attacker to retrieve sensitive server-side rendered (SSR) JSON data from protected pages, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Next.js. This vulnerability allows an attacker to bypass security checks in web applications that use Next.js middleware to protect specific web pages. By sending specially crafted web addresses, an attacker can access protected content without proper authorization. This could lead to unauthorized viewing of sensitive information or access to restricted features.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Next.js. App Router applications that use middleware or proxy-based authorization checks are vulnerable to unauthorized access. A remote attacker can exploit this by crafting specific .rsc and segment-prefetch URLs, which bypass the intended middleware rules. This allows access to protected content without proper authorization.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Next.js. When self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. A remote attacker could exploit this by requesting large local assets from the /_next/image endpoint. This can lead to out-of-memory conditions, resulting in a Denial of Service (DoS) for the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Next.js. Self-hosted applications utilizing the built-in Node.js server are vulnerable to Server-Side Request Forgery (SSRF) through specially crafted WebSocket upgrade requests. A remote attacker can exploit this by causing the server to proxy requests to arbitrary internal or external destinations. This could lead to the exposure of internal services or sensitive cloud metadata endpoints.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Next.js. Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A remote attacker can send crafted POST requests to a server action, triggering a request-body handling deadlock. This leaves connections open, consuming server resources and ultimately leading to a Denial of Service (DoS) for legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Next.js. A remote unauthenticated attacker could exploit a bypass in a security fix when using middleware.ts with Turbopack. This vulnerability could lead to the disclosure of sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty's `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Streams for Apache Kafka 2.9.4
Red Hat / Red Hat OpenShift Enterprise
|
cpe:/a:redhat:amq_streams:2.9::el9
|
— |
Vendor Fix
fix
Workaround
|
| URL | Category |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:34608 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2461624 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2466990 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477187 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477188 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477190 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477193 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477194 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477199 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477207 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477219 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477220 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2486959 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488081 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488383 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488391 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488400 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488429 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488437 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488439 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488442 | external |
| https://access.redhat.com/security/updates/classi… | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2392996 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2423194 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2430180 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2431740 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2433059 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445449 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445451 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2448509 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2452453 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2452456 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2453496 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457328 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2461147 | external |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | external |
| https://security.access.redhat.com/data/csaf/v2/a… | self |
| https://access.redhat.com/security/cve/CVE-2024-29371 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2423194 | external |
| https://www.cve.org/CVERecord?id=CVE-2024-29371 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2024-29371 | external |
| https://bitbucket.org/b_c/jose4j/issues/220/vuln-… | external |
| https://access.redhat.com/security/cve/CVE-2025-13465 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2431740 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-13465 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-13465 | external |
| https://github.com/lodash/lodash/security/advisor… | external |
| https://access.redhat.com/security/cve/CVE-2025-58056 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2392996 | external |
| https://www.cve.org/CVERecord?id=CVE-2025-58056 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2025-58056 | external |
| https://datatracker.ietf.org/doc/html/rfc9112#nam… | external |
| https://github.com/JLLeitschuh/unCVEed/issues/1 | external |
| https://github.com/netty/netty/commit/edb55fd8e0a… | external |
| https://github.com/netty/netty/issues/15522 | external |
| https://github.com/netty/netty/pull/15611 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://w4ke.info/2025/06/18/funky-chunks.html | external |
| https://access.redhat.com/security/cve/CVE-2026-1002 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2430180 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-1002 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-1002 | external |
| https://github.com/eclipse-vertx/vert.x/pull/5895 | external |
| https://access.redhat.com/security/cve/CVE-2026-4800 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2453496 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-4800 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-4800 | external |
| https://cna.openjsf.org/security-advisories.html | external |
| https://github.com/advisories/GHSA-35jh-r3h4-6jhm | external |
| https://github.com/lodash/lodash/commit/3469357cf… | external |
| https://access.redhat.com/security/cve/CVE-2026-6860 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2466990 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-6860 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-6860 | external |
| https://github.com/eclipse-vertx/vert.x/pull/6102 | external |
| https://github.com/eclipse-vertx/vert.x/security/… | external |
| https://gitlab.eclipse.org/security/vulnerability… | external |
| https://access.redhat.com/security/cve/CVE-2026-23864 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2433059 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-23864 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-23864 | external |
| https://github.com/facebook/react/security/adviso… | external |
| https://www.facebook.com/security/advisories/cve-… | external |
| https://access.redhat.com/security/cve/CVE-2026-24281 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445449 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-24281 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-24281 | external |
| https://lists.apache.org/thread/088ddsbrzhd5lxzbq… | external |
| https://access.redhat.com/security/cve/CVE-2026-24308 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2445451 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-24308 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-24308 | external |
| https://lists.apache.org/thread/qng3rtzv2pqkmko4r… | external |
| https://access.redhat.com/security/cve/CVE-2026-27980 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2448509 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-27980 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-27980 | external |
| https://github.com/vercel/next.js/commit/39eb8e0a… | external |
| https://github.com/vercel/next.js/releases/tag/v16.1.7 | external |
| https://github.com/vercel/next.js/security/adviso… | external |
| https://access.redhat.com/security/cve/CVE-2026-33870 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2452453 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33870 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33870 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://w4ke.info/2025/10/29/funky-chunks-2.html | external |
| https://www.rfc-editor.org/rfc/rfc9110 | external |
| https://access.redhat.com/security/cve/CVE-2026-33871 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2452456 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-33871 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-33871 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-34480 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457328 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-34480 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-34480 | external |
| https://github.com/apache/logging-log4j2/pull/4077 | external |
| https://lists.apache.org/thread/5x0hcnng0chhghp6j… | external |
| https://logging.apache.org/cyclonedx/vdr.xml | external |
| https://logging.apache.org/log4j/2.x/manual/layou… | external |
| https://logging.apache.org/security.html#CVE-2026-34480 | external |
| https://access.redhat.com/security/cve/CVE-2026-39852 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2457819 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-39852 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-39852 | external |
| https://github.com/quarkusio/quarkus/security/adv… | external |
| https://access.redhat.com/security/cve/CVE-2026-41240 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2461147 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-41240 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-41240 | external |
| https://github.com/cure53/DOMPurify/commit/c361ba… | external |
| https://github.com/cure53/DOMPurify/releases/tag/3.4.0 | external |
| https://github.com/cure53/DOMPurify/security/advi… | external |
| https://access.redhat.com/security/cve/CVE-2026-42044 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2461624 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42044 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42044 | external |
| https://github.com/axios/axios/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-42583 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477219 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42583 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42583 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-42587 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477220 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-42587 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-42587 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-44249 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488081 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-44249 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-44249 | external |
| https://github.com/netty/netty/releases/tag/netty… | external |
| https://github.com/netty/netty/releases/tag/netty… | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-44573 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477199 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-44573 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-44573 | external |
| https://github.com/vercel/next.js/security/adviso… | external |
| https://access.redhat.com/security/cve/CVE-2026-44574 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477207 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-44574 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-44574 | external |
| https://github.com/vercel/next.js/security/adviso… | external |
| https://access.redhat.com/security/cve/CVE-2026-44575 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477188 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-44575 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-44575 | external |
| https://github.com/vercel/next.js/security/adviso… | external |
| https://access.redhat.com/security/cve/CVE-2026-44577 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477194 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-44577 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-44577 | external |
| https://github.com/vercel/next.js/security/adviso… | external |
| https://access.redhat.com/security/cve/CVE-2026-44578 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477187 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-44578 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-44578 | external |
| https://github.com/vercel/next.js/security/adviso… | external |
| https://access.redhat.com/security/cve/CVE-2026-44579 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477193 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-44579 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-44579 | external |
| https://github.com/vercel/next.js/security/adviso… | external |
| https://access.redhat.com/security/cve/CVE-2026-44893 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488383 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-44893 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-44893 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-45109 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2477190 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-45109 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-45109 | external |
| https://github.com/vercel/next.js/security/adviso… | external |
| https://access.redhat.com/security/cve/CVE-2026-45416 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488391 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-45416 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-45416 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-45674 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488400 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-45674 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-45674 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-47691 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488439 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-47691 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-47691 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-48043 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488442 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-48043 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-48043 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-48059 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488437 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-48059 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-48059 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-50010 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488429 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-50010 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-50010 | external |
| https://github.com/netty/netty/security/advisorie… | external |
| https://access.redhat.com/security/cve/CVE-2026-50559 | self |
| https://bugzilla.redhat.com/show_bug.cgi?id=2486959 | external |
| https://www.cve.org/CVERecord?id=CVE-2026-50559 | external |
| https://nvd.nist.gov/vuln/detail/CVE-2026-50559 | external |
| https://github.com/quarkusio/quarkus/security/adv… | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Streams for Apache Kafka 2.9.4 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat Streams for Apache Kafka 2.9.4 serves as a replacement for Red Hat Streams for Apache Kafka 2.9.3, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n * jose4j: Denial of Service via compressed JWE content (CVE-2024-29371)\n * cluster-operator: Cross-namespace privilege escalation via Kafka.spec.entityOperator.watchedNamespace in Strimzi (CVE-2026-55225)\n * netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions (CVE-2025-58056)\n * lodash: Arbitrary code execution via untrusted input in template imports (CVE-2026-4800)\n * React Server Components: Denial of Service via specially crafted HTTP requests (CVE-2026-23864)\n * Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing (CVE-2026-24281)\n * netty-codec-http: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values (CVE-2026-33870)\n * netty-codec-http2: Denial of Service via HTTP/2 CONTINUATION frame flood (CVE-2026-33871)\n * log4j-core: Invalid XML output causes denial of service in logging (CVE-2026-34480)\n * quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests (CVE-2026-39852)\n * netty-codec: Denial of Service via excessive memory allocation in LZ4FrameDecoder (CVE-2026-42583)\n * netty-codec-http2: Denial of Service via unbounded memory allocation in HTTP content decompression (CVE-2026-42587)\n * netty-handler: IPv6 subnet rule bypass due to incorrect masking operation (CVE-2026-44249)\n * Next.js: Information disclosure due to middleware bypass in Pages Router with i18n (CVE-2026-44573)\n * Next.js: Authorization bypass via crafted query parameters (CVE-2026-44574)\n * Next.js: Unauthorized access to protected content via middleware bypass (CVE-2026-44575)\n * Next.js: Server-Side Request Forgery via crafted WebSocket upgrade requests (CVE-2026-44578)\n * Next.js: Denial of Service via crafted POST requests to server actions (CVE-2026-44579)\n * netty-codec-haproxy: Denial of Service via malformed HAProxy message (CVE-2026-44893)\n * Next.js: Information disclosure via security fix bypass in middleware with Turbopack (CVE-2026-45109)\n * netty-handler: Denial of Service via eager buffer allocation in TLS handshake (CVE-2026-45416)\n * netty-resolver-dns: Information disclosure and data manipulation due to improper CNAME record validation (CVE-2026-45674)\n * netty-resolver-dns: Insufficient Bailiwick Validation for NS Records (CVE-2026-47691)\n * netty-codec-http2: Denial of Service due to resource leak (CVE-2026-48043)\n * netty-codec-haproxy: Denial of Service via memory leak from crafted PROXY protocol headers (CVE-2026-48059)\n * netty-handler: Improper trust manager handling leads to hostname verification bypass (CVE-2026-50010)\n * quarkus-vertx-http: Authorization bypass in HTTP path-based policies via encoded characters (CVE-2026-50559)\n * lodash: Prototype pollution in _.unset and _.omit functions (CVE-2025-13465)\n * vertx-core: Static handler component cache can be manipulated to deny access to static files (CVE-2026-1002)\n * vertx-core: Denial of Service via TLS handshake with wildcard server name (CVE-2026-6860)\n * Apache ZooKeeper: Information disclosure via improper handling of configuration values (CVE-2026-24308)\n * Next.js: Unbounded next/image disk cache growth can exhaust storage (CVE-2026-27980)\n * DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization (CVE-2026-41240)\n * axios: Invisible JSON Response Tampering via Prototype Pollution Gadget (CVE-2026-42044)\n * Next.js: Denial of Service via Image Optimization API (CVE-2026-44577)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:34608",
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "external",
"summary": "2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "2466990",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466990"
},
{
"category": "external",
"summary": "2477187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477187"
},
{
"category": "external",
"summary": "2477188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477188"
},
{
"category": "external",
"summary": "2477190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477190"
},
{
"category": "external",
"summary": "2477193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477193"
},
{
"category": "external",
"summary": "2477194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477194"
},
{
"category": "external",
"summary": "2477199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477199"
},
{
"category": "external",
"summary": "2477207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477207"
},
{
"category": "external",
"summary": "2477219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477219"
},
{
"category": "external",
"summary": "2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "2486959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
},
{
"category": "external",
"summary": "2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "2488391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
},
{
"category": "external",
"summary": "2488400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
},
{
"category": "external",
"summary": "2488429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
},
{
"category": "external",
"summary": "2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "2488439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
},
{
"category": "external",
"summary": "2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "2433059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433059"
},
{
"category": "external",
"summary": "2445449",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445449"
},
{
"category": "external",
"summary": "2445451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445451"
},
{
"category": "external",
"summary": "2448509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448509"
},
{
"category": "external",
"summary": "2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "2457328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457328"
},
{
"category": "external",
"summary": "2461147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461147"
},
{
"category": "external",
"summary": "2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34608.json"
}
],
"title": "Red Hat Security Advisory: Streams for Apache Kafka 2.9.4 release and security update",
"tracking": {
"current_release_date": "2026-07-05T17:22:57+00:00",
"generator": {
"date": "2026-07-05T17:22:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:34608",
"initial_release_date": "2026-07-02T00:03:15+00:00",
"revision_history": [
{
"date": "2026-07-02T00:03:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-02T00:03:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-05T17:22:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Streams for Apache Kafka 2.9.4",
"product": {
"name": "Streams for Apache Kafka 2.9.4",
"product_id": "Streams for Apache Kafka 2.9.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2.9::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-58056",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2025-09-03T21:01:22.935850+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392996"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Netty\u2019s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is considered Moderate rather than Important because successful exploitation depends on a very specific deployment condition: the presence of an intermediary reverse proxy that both mishandles lone LF characters in chunk extensions and forwards them unmodified to Netty. By itself, Netty\u2019s parsing quirk does not introduce risk, and in most real-world environments, reverse proxies normalize or reject malformed chunked requests, preventing smuggling. As a result, the vulnerability has limited reach, requires a niche configuration to be exploitable, and does not universally expose Netty-based servers to request smuggling\u2014hence it is rated moderate in severity rather than important or critical.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58056"
},
{
"category": "external",
"summary": "RHBZ#2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding",
"url": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding"
},
{
"category": "external",
"summary": "https://github.com/JLLeitschuh/unCVEed/issues/1",
"url": "https://github.com/JLLeitschuh/unCVEed/issues/1"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284",
"url": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/issues/15522",
"url": "https://github.com/netty/netty/issues/15522"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/pull/15611",
"url": "https://github.com/netty/netty/pull/15611"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49",
"url": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
}
],
"release_date": "2025-09-03T20:56:50.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this issue, enforce strict RFC compliance on all front-end proxies and load balancers so that lone LF characters in chunk extensions are rejected or normalized before being forwarded. Additionally, configure input validation at the application or proxy layer to block malformed chunked requests, ensuring consistent parsing across all components in the request path.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions"
},
{
"cve": "CVE-2026-1002",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-01-15T21:03:20.088599+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430180"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability allows a remote attacker to block access to specific static files, such as images, CSS or HTML files. However, the underlying Vert.x server, the API endpoints and other non-cached resources are not affected. Due to this reason, this issue has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1002"
},
{
"category": "external",
"summary": "RHBZ#2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/pull/5895",
"url": "https://github.com/eclipse-vertx/vert.x/pull/5895"
}
],
"release_date": "2026-01-15T20:50:25.642000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, consider disabling the static handler cache by configuring the StaticHandler instance with setCachingEnabled(false), for example:\n\n~~~\nStaticHandler staticHandler = StaticHandler.create().setCachingEnabled(false);\n~~~",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-6860",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-06T10:01:43.929832+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466990"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security (TLS) handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service (DoS) condition, impacting the availability of the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Moderate because a remote attacker can trigger a denial of service in Red Hat products that use `eclipse-vertx/vert.x` and are configured with TLS wildcard server names. Exploitation occurs during the TLS handshake, impacting service availability without affecting data confidentiality or integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6860"
},
{
"category": "external",
"summary": "RHBZ#2466990",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466990"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6860"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/pull/6102",
"url": "https://github.com/eclipse-vertx/vert.x/pull/6102"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/security/advisories/GHSA-3g76-f9xq-8vp6",
"url": "https://github.com/eclipse-vertx/vert.x/security/advisories/GHSA-3g76-f9xq-8vp6"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/381",
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/381"
}
],
"release_date": "2026-05-06T09:55:12.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name"
},
{
"cve": "CVE-2026-23864",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-01-26T20:01:54.396535+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433059"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in React Server Components. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to Server Function endpoints. This can lead to a Denial of Service (DoS), causing server crashes, out-of-memory exceptions, or excessive CPU usage, thereby impacting the availability of applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "react-server-dom-webpack: react-server-dom-parcel: reactreact-server-dom-turbopack: React Server Components: Denial of Service via specially crafted HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23864"
},
{
"category": "external",
"summary": "RHBZ#2433059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23864",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23864"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23864",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23864"
},
{
"category": "external",
"summary": "https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg",
"url": "https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg"
},
{
"category": "external",
"summary": "https://www.facebook.com/security/advisories/cve-2026-23864",
"url": "https://www.facebook.com/security/advisories/cve-2026-23864"
}
],
"release_date": "2026-01-26T19:16:38.250000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "react-server-dom-webpack: react-server-dom-parcel: reactreact-server-dom-turbopack: React Server Components: Denial of Service via specially crafted HTTP requests"
},
{
"cve": "CVE-2026-24281",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-07T09:00:57.868082+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445449"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache ZooKeeper. The ZKTrustManager component\u0027s hostname verification process can fall back to reverse DNS (PTR) lookup when IP Subject Alternative Name (SAN) validation fails. This vulnerability allows an attacker who can control or spoof PTR records to impersonate ZooKeeper servers or clients, provided they possess a valid certificate for the PTR name. This could lead to unauthorized access or manipulation of ZooKeeper services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24281"
},
{
"category": "external",
"summary": "RHBZ#2445449",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445449"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24281"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/088ddsbrzhd5lxzbqf5n24yg0mwh9jt2",
"url": "https://lists.apache.org/thread/088ddsbrzhd5lxzbqf5n24yg0mwh9jt2"
}
],
"release_date": "2026-03-07T08:50:32.525000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable reverse DNS lookup in Apache ZooKeeper\u0027s client and quorum protocols. This can be achieved by configuring the `zookeeper.ssl.hostnameVerification.disableReverseDns` property to `true`. This configuration option is available in Apache ZooKeeper versions 3.8.6 and 3.9.5 and later. A restart of the ZooKeeper service will be required for the change to take effect.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing"
},
{
"cve": "CVE-2026-24308",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2026-03-07T09:01:03.859129+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445451"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache ZooKeeper. Improper handling of configuration values in ZKConfig allows an attacker to expose sensitive information. This occurs when sensitive client configuration values are logged at an INFO level in the client\u0027s logfile. This vulnerability can lead to information disclosure, potentially revealing critical system details to unauthorized parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24308"
},
{
"category": "external",
"summary": "RHBZ#2445451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24308",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24308"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24308",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24308"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/qng3rtzv2pqkmko4rhv85jfplkyrgqdr",
"url": "https://lists.apache.org/thread/qng3rtzv2pqkmko4rhv85jfplkyrgqdr"
}
],
"release_date": "2026-03-07T08:51:17.567000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values"
},
{
"cve": "CVE-2026-27980",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-18T01:01:36.393672+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448509"
}
],
"notes": [
{
"category": "description",
"text": "An unbounded disk usage flaw has been discovered in Next.js. The default Next.js image optimization disk cache (`/_next/image`) did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27980"
},
{
"category": "external",
"summary": "RHBZ#2448509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448509"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27980"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27980",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27980"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/commit/39eb8e0ac498b48855a0430fbf4c22276a73b4bd",
"url": "https://github.com/vercel/next.js/commit/39eb8e0ac498b48855a0430fbf4c22276a73b4bd"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/releases/tag/v16.1.7",
"url": "https://github.com/vercel/next.js/releases/tag/v16.1.7"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-3x4c-7xq6-9pq8",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-3x4c-7xq6-9pq8"
}
],
"release_date": "2026-03-18T00:23:34.862000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage"
},
{
"cve": "CVE-2026-33870",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-27T21:01:59.865839+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452453"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33870"
},
{
"category": "external",
"summary": "RHBZ#2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8",
"url": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/10/29/funky-chunks-2.html",
"url": "https://w4ke.info/2025/10/29/funky-chunks-2.html"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110",
"url": "https://www.rfc-editor.org/rfc/rfc9110"
}
],
"release_date": "2026-03-27T19:54:15.586000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values"
},
{
"cve": "CVE-2026-33871",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-27T21:02:13.396015+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452456"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server\u0027s lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This important vulnerability in Netty HTTP/2 servers allows a remote attacker to cause a Denial of Service by sending a flood of CONTINUATION frames. This can lead to excessive CPU consumption and render the server unresponsive. Red Hat products utilizing affected Netty versions, such as Red Hat AMQ, Enterprise Application Platform, and OpenShift Container Platform components, are impacted if configured to use HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33871"
},
{
"category": "external",
"summary": "RHBZ#2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv"
}
],
"release_date": "2026-03-27T19:55:23.135000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood"
},
{
"cve": "CVE-2026-34480",
"cwe": {
"id": "CWE-168",
"name": "Improper Handling of Inconsistent Special Elements"
},
"discovery_date": "2026-04-10T16:02:17.024798+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457328"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Log4j Core. The XmlLayout component, responsible for formatting log messages into XML, does not properly remove or replace characters that are not allowed in XML 1.0. When log messages or diagnostic information contain these forbidden characters, the resulting XML output becomes invalid. This can lead to two main issues: either systems processing these logs will fail to read the affected records, or the logging process itself will stop delivering events, both resulting in a denial of service for logging operations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in Apache Log4j Core\u0027s XmlLayout component can lead to a denial of service in logging operations when log messages contain characters forbidden by the XML 1.0 specification. Systems processing these logs may fail to read records or the logging process may cease event delivery, impacting monitoring and auditing capabilities in affected Red Hat products. Red Hat products in their default configurations will be able to automatically recover, but some log messages may be lost.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34480"
},
{
"category": "external",
"summary": "RHBZ#2457328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457328"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34480",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34480"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34480",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34480"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/4077",
"url": "https://github.com/apache/logging-log4j2/pull/4077"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/5x0hcnng0chhghp6jgjdp3qmbbhfjzhb",
"url": "https://lists.apache.org/thread/5x0hcnng0chhghp6jgjdp3qmbbhfjzhb"
},
{
"category": "external",
"summary": "https://logging.apache.org/cyclonedx/vdr.xml",
"url": "https://logging.apache.org/cyclonedx/vdr.xml"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout",
"url": "https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout"
},
{
"category": "external",
"summary": "https://logging.apache.org/security.html#CVE-2026-34480",
"url": "https://logging.apache.org/security.html#CVE-2026-34480"
}
],
"release_date": "2026-04-10T15:42:03.843000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging"
},
{
"cve": "CVE-2026-39852",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-04-13T13:26:46.572000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457819"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus\u0027s security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39852"
},
{
"category": "external",
"summary": "RHBZ#2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9"
}
],
"release_date": "2026-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure a reverse proxy or load balancer in front of the Quarkus application to normalize incoming URL paths by stripping matrix parameters (semicolons) before requests reach the Quarkus security layer. This ensures that authorization checks are performed on the intended path. Ensure that any changes to proxy configurations are thoroughly tested and services are reloaded or restarted as necessary to apply the new settings.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests"
},
{
"cve": "CVE-2026-41240",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-04-23T16:04:41.751666+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461147"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and execute arbitrary code in the user\u0027s browser, leading to Cross-Site Scripting (XSS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41240"
},
{
"category": "external",
"summary": "RHBZ#2461147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461147"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/c361baa18dbdcb3344a41110f4c48ad85bf48f80",
"url": "https://github.com/cure53/DOMPurify/commit/c361baa18dbdcb3344a41110f4c48ad85bf48f80"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/releases/tag/3.4.0",
"url": "https://github.com/cure53/DOMPurify/releases/tag/3.4.0"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m"
}
],
"release_date": "2026-04-23T14:54:32.426000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization"
},
{
"cve": "CVE-2026-42044",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:13.418725+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "RHBZ#2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
}
],
"release_date": "2026-04-24T17:49:49.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
},
{
"cve": "CVE-2026-42583",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T19:01:32.498598+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477219"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted LZ4 compressed data stream. This can cause the Lz4FrameDecoder to allocate a large amount of memory (up to 32 MB per block) before the LZ4 decompression runs, leading to excessive memory consumption and a denial of service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in Netty\u0027s LZ4FrameDecoder. The decoder allocates a buffer based on the decompressed length from the LZ4 frame header (up to 32 MB per block) before decompression runs. A remote attacker can send a small crafted LZ4 header (as few as 22 bytes) to force excessive memory allocation, leading to a denial of service. Red Hat products that use Netty with LZ4 compression enabled are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42583"
},
{
"category": "external",
"summary": "RHBZ#2477219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42583",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42583"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6",
"url": "https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6"
}
],
"release_date": "2026-05-13T18:09:19.817000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder"
},
{
"cve": "CVE-2026-42587",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T19:01:35.415881+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477220"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Netty\u0027s HTTP content decompression. A remote attacker can exploit this flaw by sending specially crafted compressed payloads using Brotli, Zstandard, or Snappy encodings, bypassing configured decompression limits. This leads to unbounded memory allocation, potentially causing an out-of-memory condition and rendering affected Red Hat systems unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42587"
},
{
"category": "external",
"summary": "RHBZ#2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42587",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42587"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv"
}
],
"release_date": "2026-05-13T18:22:21.699000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression"
},
{
"cve": "CVE-2026-44249",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-06-11T22:02:05.327173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488081"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in netty-handler is rated as Important because a remote attacker can bypass configured IPv6 subnet filtering rules. This flaw, stemming from an incorrect masking operation, could allow unauthorized access to or exposure of services that are intended to be network-restricted within Red Hat products utilizing the affected Netty component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44249"
},
{
"category": "external",
"summary": "RHBZ#2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86"
}
],
"release_date": "2026-06-11T20:46:14.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation"
},
{
"cve": "CVE-2026-44573",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-05-13T18:01:50.343509+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477199"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. Applications utilizing the Pages Router with internationalization (i18n) configured and middleware or proxy-based authorization are susceptible to unauthorized access. A remote attacker can exploit this by making locale-less /_next/data/\u003cbuildId\u003e/\u003cpage\u003e.json requests, which bypass the intended authorization checks. This allows the attacker to retrieve sensitive server-side rendered (SSR) JSON data from protected pages, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Information disclosure due to middleware bypass in Pages Router with i18n",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Important: A flaw in Next.js applications allows unauthorized access to sensitive server-side rendered (SSR) JSON data by bypassing middleware authorization checks. This occurs when applications use the Pages Router with internationalization (i18n) and middleware or proxy-based authorization, enabling remote attackers to retrieve protected page data through locale-less requests.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44573"
},
{
"category": "external",
"summary": "RHBZ#2477199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44573",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44573"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5"
}
],
"release_date": "2026-05-13T16:48:16.218000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Information disclosure due to middleware bypass in Pages Router with i18n"
},
{
"cve": "CVE-2026-44574",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-05-13T18:02:21.088167+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477207"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. This vulnerability allows an attacker to bypass security checks in web applications that use Next.js middleware to protect specific web pages. By sending specially crafted web addresses, an attacker can access protected content without proper authorization. This could lead to unauthorized viewing of sensitive information or access to restricted features.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Next.js: Next.js: Authorization bypass via crafted query parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important authorization bypass flaw in Next.js applications, which are utilized in Red Hat AMQ, Red Hat Trusted Artifact Signer, and Red Hat Enterprise Linux AI. The vulnerability arises when applications use Next.js middleware to protect dynamic routes, allowing attackers to access restricted content by manipulating query parameters. This bypass occurs because specially crafted parameters can alter the route value seen by the page while the visible path remains unchanged, circumventing intended security controls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44574"
},
{
"category": "external",
"summary": "RHBZ#2477207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44574",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44574"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44574",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44574"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv"
}
],
"release_date": "2026-05-13T16:56:06.008000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Next.js: Next.js: Authorization bypass via crafted query parameters"
},
{
"cve": "CVE-2026-44575",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-05-13T18:01:17.168356+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477188"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. App Router applications that use middleware or proxy-based authorization checks are vulnerable to unauthorized access. A remote attacker can exploit this by crafting specific .rsc and segment-prefetch URLs, which bypass the intended middleware rules. This allows access to protected content without proper authorization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Unauthorized access to protected content via middleware bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44575"
},
{
"category": "external",
"summary": "RHBZ#2477188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477188"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44575",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44575"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44575",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44575"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f"
}
],
"release_date": "2026-05-13T16:54:39.455000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Unauthorized access to protected content via middleware bypass"
},
{
"cve": "CVE-2026-44577",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T18:01:35.713847+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. When self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. A remote attacker could exploit this by requesting large local assets from the /_next/image endpoint. This can lead to out-of-memory conditions, resulting in a Denial of Service (DoS) for the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Next.js: Next.js: Denial of Service via Image Optimization API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Next.js affects self-hosted applications utilizing the default image loader. A remote attacker can trigger a denial of service by requesting large local image assets, leading to out-of-memory conditions. This vulnerability is present when `images.localPatterns` is configured to allow all patterns by default, and is not applicable when using Vercel, a custom image loader, or `images.unoptimized: true`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44577"
},
{
"category": "external",
"summary": "RHBZ#2477194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44577",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44577"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44577",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44577"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh"
}
],
"release_date": "2026-05-13T17:00:02.786000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Next.js: Next.js: Denial of Service via Image Optimization API"
},
{
"cve": "CVE-2026-44578",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-05-13T18:01:13.729805+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477187"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. Self-hosted applications utilizing the built-in Node.js server are vulnerable to Server-Side Request Forgery (SSRF) through specially crafted WebSocket upgrade requests. A remote attacker can exploit this by causing the server to proxy requests to arbitrary internal or external destinations. This could lead to the exposure of internal services or sensitive cloud metadata endpoints.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Next.js: Next.js: Server-Side Request Forgery via crafted WebSocket upgrade requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44578"
},
{
"category": "external",
"summary": "RHBZ#2477187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44578",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44578"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44578",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44578"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r"
}
],
"release_date": "2026-05-13T17:01:38.942000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Next.js: Next.js: Server-Side Request Forgery via crafted WebSocket upgrade requests"
},
{
"cve": "CVE-2026-44579",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"discovery_date": "2026-05-13T18:01:32.406247+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477193"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A remote attacker can send crafted POST requests to a server action, triggering a request-body handling deadlock. This leaves connections open, consuming server resources and ultimately leading to a Denial of Service (DoS) for legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Denial of Service via crafted POST requests to server actions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44579"
},
{
"category": "external",
"summary": "RHBZ#2477193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44579",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44579"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx"
}
],
"release_date": "2026-05-13T17:04:28.388000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Denial of Service via crafted POST requests to server actions"
},
{
"cve": "CVE-2026-44893",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2026-06-12T15:01:18.066312+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Important because a remote, unauthenticated attacker can trigger a denial of service in applications utilizing `netty-codec-haproxy`. By sending a specially crafted HAProxy message with a malformed SSL TLV header, an attacker can cause an `IndexOutOfBoundsException`, leading to unreleased memory and resource exhaustion. This can render the affected application unresponsive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44893"
},
{
"category": "external",
"summary": "RHBZ#2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44893",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv"
}
],
"release_date": "2026-06-12T14:00:25.801000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message"
},
{
"cve": "CVE-2026-45109",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2026-05-13T18:01:23.402405+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477190"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. A remote unauthenticated attacker could exploit a bypass in a security fix when using middleware.ts with Turbopack. This vulnerability could lead to the disclosure of sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Information disclosure via security fix bypass in middleware with Turbopack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45109"
},
{
"category": "external",
"summary": "RHBZ#2477190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45109",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45109"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45109",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45109"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6"
}
],
"release_date": "2026-05-13T17:11:07.275000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Information disclosure via security fix bypass in middleware with Turbopack"
},
{
"cve": "CVE-2026-45416",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T15:01:45.671884+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488391"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Netty is rated as Important. It allows a remote attacker to trigger a denial of service by sending a specially crafted TLS ClientHello message. The flaw arises from an eager, unbounded memory allocation during the TLS handshake, particularly when default configurations disable the maximum client hello length guard, leading to excessive resource consumption in affected Red Hat products utilizing Netty.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45416"
},
{
"category": "external",
"summary": "RHBZ#2488391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45416",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh",
"url": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh"
}
],
"release_date": "2026-06-12T14:10:05.585000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure applications utilizing Netty\u0027s `SslClientHelloHandler` to specify a non-zero value for the `maxClientHelloLength` parameter. This will enable the internal length validation, preventing the eager allocation of large memory buffers when processing crafted TLS ClientHello messages. Refer to your specific application\u0027s documentation for details on configuring Netty\u0027s TLS handler. A restart of the affected application or service is required for the configuration changes to take effect.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake"
},
{
"cve": "CVE-2026-45674",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T15:02:15.565158+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488400"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important severity flaw in Netty\u0027s DnsResolveContext allows a remote attacker to achieve information disclosure or data manipulation. By crafting malicious DNS responses, an attacker could redirect network traffic or intercept sensitive data, impacting applications utilizing Netty for DNS resolution in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45674"
},
{
"category": "external",
"summary": "RHBZ#2488400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc",
"url": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc"
}
],
"release_date": "2026-06-12T14:17:50.203000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation"
},
{
"cve": "CVE-2026-47691",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T16:02:45.855856+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488439"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Netty\u0027s DNS resolution component, `netty-resolver-dns`, allows for DNS cache poisoning. An attacker with control over an authoritative name server for a subdomain could exploit this vulnerability to inject malicious DNS records into the cache of parent domains. This could lead to redirection of network traffic, impacting the integrity and availability of services relying on DNS resolution within affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47691"
},
{
"category": "external",
"summary": "RHBZ#2488439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85"
}
],
"release_date": "2026-06-12T14:33:16.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records"
},
{
"cve": "CVE-2026-48043",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-06-12T16:02:56.371830+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488442"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in netty-codec-http2, affecting Red Hat products that utilize HTTP/2 communication with decompression. A remote attacker can exploit a resource leak in the `DelegatingDecompressorFrameListener` by sending malformed HTTP/2 frames, potentially leading to an Out Of Memory Error and causing the Java Virtual Machine to terminate. This could disrupt service availability in affected deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48043"
},
{
"category": "external",
"summary": "RHBZ#2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j"
}
],
"release_date": "2026-06-12T14:39:52.498000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak"
},
{
"cve": "CVE-2026-48059",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-06-12T16:02:40.032749+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Netty HAProxy PROXY protocol v2 codec, which can lead to a denial of service. A remote attacker can trigger a memory leak by sending a specially crafted HAProxy PROXY protocol v2 header with deeply nested SSL TLV records, causing resource exhaustion in affected Red Hat products that utilize this codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"category": "external",
"summary": "RHBZ#2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48059"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
}
],
"release_date": "2026-06-12T14:42:44.677000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers"
},
{
"cve": "CVE-2026-50010",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-06-12T16:02:13.735675+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488429"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Netty that affects Red Hat products utilizing the `netty-handler` component, including various Red Hat AMQ, Enterprise Application Platform, and OpenShift offerings. The vulnerability arises when a Netty client is configured with a plain X.509 Trust Manager, leading to a bypass of hostname verification. This oversight allows a remote attacker to perform man-in-the-middle attacks by impersonating a legitimate server, potentially compromising sensitive data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50010"
},
{
"category": "external",
"summary": "RHBZ#2488429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50010"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9"
}
],
"release_date": "2026-06-12T14:50:43.151000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass"
},
{
"cve": "CVE-2026-50559",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-06-09T10:55:32.426000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2486959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Quarkus where HTTP path-based authorization policies can be bypassed by a remote attacker. Specially crafted HTTP requests containing encoded semicolons, slashes, or backslashes can circumvent security controls, allowing unauthorized access to protected static resources and leading to information disclosure. This is critical in deployments where Quarkus applications serve sensitive static content and rely solely on path-based authorization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50559"
},
{
"category": "external",
"summary": "RHBZ#2486959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50559",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50559"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v"
}
],
"release_date": "2026-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.