Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-53259 (GCVE-0-2024-53259)
Vulnerability from cvelistv5 – Published: 2024-12-02 16:12 – Updated: 2024-12-02 19:28
VLAI
EPSS
Title
quic-go affected by an ICMP Packet Too Large Injection Attack on Linux
Summary
quic-go is an implementation of the QUIC protocol in Go. An off-path attacker can inject an ICMP Packet Too Large packet. Since affected quic-go versions used IP_PMTUDISC_DO, the kernel would then return a "message too large" error on sendmsg, i.e. when quic-go attempts to send a packet that exceeds the MTU claimed in that ICMP packet. By setting this value to smaller than 1200 bytes (the minimum MTU for QUIC), the attacker can disrupt a QUIC connection. Crucially, this can be done after completion of the handshake, thereby circumventing any TCP fallback that might be implemented on the application layer (for example, many browsers fall back to HTTP over TCP if they're unable to establish a QUIC connection). The attacker needs to at least know the client's IP and port tuple to mount an attack. This vulnerability is fixed in 0.48.2.
Severity
6.5 (Medium)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/quic-go/quic-go/security/advis… | x_refsource_CONFIRM |
| https://github.com/quic-go/quic-go/pull/4729 | x_refsource_MISC |
| https://github.com/quic-go/quic-go/commit/ca31dd3… | x_refsource_MISC |
| https://github.com/quic-go/quic-go/releases/tag/v0.48.2 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-53259",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:27:58.329919Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T19:28:08.531Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "quic-go",
"vendor": "quic-go",
"versions": [
{
"status": "affected",
"version": "\u003c 0.48.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "quic-go is an implementation of the QUIC protocol in Go. An off-path attacker can inject an ICMP Packet Too Large packet. Since affected quic-go versions used IP_PMTUDISC_DO, the kernel would then return a \"message too large\" error on sendmsg, i.e. when quic-go attempts to send a packet that exceeds the MTU claimed in that ICMP packet. By setting this value to smaller than 1200 bytes (the minimum MTU for QUIC), the attacker can disrupt a QUIC connection. Crucially, this can be done after completion of the handshake, thereby circumventing any TCP fallback that might be implemented on the application layer (for example, many browsers fall back to HTTP over TCP if they\u0027re unable to establish a QUIC connection). The attacker needs to at least know the client\u0027s IP and port tuple to mount an attack. This vulnerability is fixed in 0.48.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T16:12:40.605Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr"
},
{
"name": "https://github.com/quic-go/quic-go/pull/4729",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/quic-go/quic-go/pull/4729"
},
{
"name": "https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50"
},
{
"name": "https://github.com/quic-go/quic-go/releases/tag/v0.48.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/quic-go/quic-go/releases/tag/v0.48.2"
}
],
"source": {
"advisory": "GHSA-px8v-pp82-rcvr",
"discovery": "UNKNOWN"
},
"title": "quic-go affected by an ICMP Packet Too Large Injection Attack on Linux"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-53259",
"datePublished": "2024-12-02T16:12:40.605Z",
"dateReserved": "2024-11-19T20:08:14.480Z",
"dateUpdated": "2024-12-02T19:28:08.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-53259",
"date": "2026-05-27",
"epss": "0.00755",
"percentile": "0.7348"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-53259\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-12-02T17:15:12.767\",\"lastModified\":\"2024-12-02T17:15:12.767\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"quic-go is an implementation of the QUIC protocol in Go. An off-path attacker can inject an ICMP Packet Too Large packet. Since affected quic-go versions used IP_PMTUDISC_DO, the kernel would then return a \\\"message too large\\\" error on sendmsg, i.e. when quic-go attempts to send a packet that exceeds the MTU claimed in that ICMP packet. By setting this value to smaller than 1200 bytes (the minimum MTU for QUIC), the attacker can disrupt a QUIC connection. Crucially, this can be done after completion of the handshake, thereby circumventing any TCP fallback that might be implemented on the application layer (for example, many browsers fall back to HTTP over TCP if they\u0027re unable to establish a QUIC connection). The attacker needs to at least know the client\u0027s IP and port tuple to mount an attack. This vulnerability is fixed in 0.48.2.\"},{\"lang\":\"es\",\"value\":\"quic-go es una implementaci\u00f3n del protocolo QUIC en Go. Un atacante que no se encuentre en la ruta de acceso puede inyectar un paquete ICMP de tama\u00f1o excesivo. Dado que las versiones de quic-go afectadas utilizan IP_PMTUDISC_DO, el n\u00facleo devolver\u00eda un error de \\\"mensaje demasiado grande\\\" en sendmsg, es decir, cuando quic-go intenta enviar un paquete que excede la MTU indicada en ese paquete ICMP. Al establecer este valor en un valor menor a 1200 bytes (la MTU m\u00ednima para QUIC), el atacante puede interrumpir una conexi\u00f3n QUIC. Fundamentalmente, esto se puede hacer despu\u00e9s de completar el protocolo de enlace, evitando as\u00ed cualquier respaldo TCP que pueda implementarse en la capa de aplicaci\u00f3n (por ejemplo, muchos navegadores recurren a HTTP sobre TCP si no pueden establecer una conexi\u00f3n QUIC). El atacante necesita al menos conocer la IP del cliente y la tupla de puertos para montar un ataque. Esta vulnerabilidad se corrigi\u00f3 en 0.48.2.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-345\"}]}],\"references\":[{\"url\":\"https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/quic-go/quic-go/pull/4729\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/quic-go/quic-go/releases/tag/v0.48.2\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr\",\"source\":\"security-advisories@github.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-53259\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-12-02T19:27:58.329919Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-12-02T19:28:03.726Z\"}}], \"cna\": {\"title\": \"quic-go affected by an ICMP Packet Too Large Injection Attack on Linux\", \"source\": {\"advisory\": \"GHSA-px8v-pp82-rcvr\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"quic-go\", \"product\": \"quic-go\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 0.48.2\"}]}], \"references\": [{\"url\": \"https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr\", \"name\": \"https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/quic-go/quic-go/pull/4729\", \"name\": \"https://github.com/quic-go/quic-go/pull/4729\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50\", \"name\": \"https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/quic-go/quic-go/releases/tag/v0.48.2\", \"name\": \"https://github.com/quic-go/quic-go/releases/tag/v0.48.2\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"quic-go is an implementation of the QUIC protocol in Go. An off-path attacker can inject an ICMP Packet Too Large packet. Since affected quic-go versions used IP_PMTUDISC_DO, the kernel would then return a \\\"message too large\\\" error on sendmsg, i.e. when quic-go attempts to send a packet that exceeds the MTU claimed in that ICMP packet. By setting this value to smaller than 1200 bytes (the minimum MTU for QUIC), the attacker can disrupt a QUIC connection. Crucially, this can be done after completion of the handshake, thereby circumventing any TCP fallback that might be implemented on the application layer (for example, many browsers fall back to HTTP over TCP if they\u0027re unable to establish a QUIC connection). The attacker needs to at least know the client\u0027s IP and port tuple to mount an attack. This vulnerability is fixed in 0.48.2.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-345\", \"description\": \"CWE-345: Insufficient Verification of Data Authenticity\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-12-02T16:12:40.605Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-53259\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-02T19:28:08.531Z\", \"dateReserved\": \"2024-11-19T20:08:14.480Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-12-02T16:12:40.605Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2025:0386
Vulnerability from csaf_redhat - Published: 2025-01-16 18:36 - Updated: 2026-05-21 01:31Summary
Red Hat Security Advisory: VolSync 0.10.2 for RHEL 9
Severity
Important
Notes
Topic: VolSync v0.10.2 general availability release images, which provide
enhancements, security fixes, and updated container images.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
Details: VolSync v0.10.2 VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters. After deploying the VolSync operator, it can create and maintain copies of your persistent data.
For more information about VolSync, see:
https://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync
or the VolSync open source community website at:
https://volsync.readthedocs.io/en/stable/.
This advisory contains enhancements and updates to the VolSync
container images.
Security fix(es):
* quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux (CVE-2024-53259)
* golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause
authorization bypass in golang.org/x/crypto (CVE-2024-45337)
* golang.org/x/net/html: Non-linear parsing of case-insensitive content in
golang.org/x/net/html (CVE-2024-45338)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
8.2 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was found in Quic-Go where an attacker can inject malicious data into network packets, potentially allowing them to cause harm. The issue arises from a configuration option used by some affected versions of the code that sends out information about packet size limitations. As a result, when Quic-Go attempts to send a packet larger than it claims to be able to handle, the operating system will reject it due to a "message too large" error.
6.5 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
32 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "VolSync v0.10.2 general availability release images, which provide\nenhancements, security fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "VolSync v0.10.2 VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters. After deploying the VolSync operator, it can create and maintain copies of your persistent data.\n\nFor more information about VolSync, see:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync\n\nor the VolSync open source community website at:\nhttps://volsync.readthedocs.io/en/stable/.\n\nThis advisory contains enhancements and updates to the VolSync\ncontainer images.\n\nSecurity fix(es):\n\n* quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux (CVE-2024-53259) \n* golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause\nauthorization bypass in golang.org/x/crypto (CVE-2024-45337)\n* golang.org/x/net/html: Non-linear parsing of case-insensitive content in\ngolang.org/x/net/html (CVE-2024-45338)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:0386",
"url": "https://access.redhat.com/errata/RHSA-2025:0386"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2329991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329991"
},
{
"category": "external",
"summary": "2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "ACM-16523",
"url": "https://issues.redhat.com/browse/ACM-16523"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0386.json"
}
],
"title": "Red Hat Security Advisory: VolSync 0.10.2 for RHEL 9",
"tracking": {
"current_release_date": "2026-05-21T01:31:01+00:00",
"generator": {
"date": "2026-05-21T01:31:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2025:0386",
"initial_release_date": "2025-01-16T18:36:58+00:00",
"revision_history": [
{
"date": "2025-01-16T18:36:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-01-16T18:36:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-21T01:31:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.11::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat ACM"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64",
"product": {
"name": "rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64",
"product_id": "rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.10.2-2"
}
}
},
{
"category": "product_version",
"name": "rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"product": {
"name": "rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"product_id": "rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/volsync-operator-bundle\u0026tag=v0.10.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"product": {
"name": "rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"product_id": "rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.10.2-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"product": {
"name": "rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"product_id": "rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.10.2-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"product": {
"name": "rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"product_id": "rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"product_identification_helper": {
"purl": "pkg:oci/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/volsync-rhel9\u0026tag=v0.10.2-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64"
},
"product_reference": "rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64"
},
"product_reference": "rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le"
},
"product_reference": "rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x"
},
"product_reference": "rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
},
"product_reference": "rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-16T18:36:58+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0386"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-16T18:36:58+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0386"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2024-53259",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2024-12-02T17:01:10.568793+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2329991"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Quic-Go where an attacker can inject malicious data into network packets, potentially allowing them to cause harm. The issue arises from a configuration option used by some affected versions of the code that sends out information about packet size limitations. As a result, when Quic-Go attempts to send a packet larger than it claims to be able to handle, the operating system will reject it due to a \"message too large\" error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-53259"
},
{
"category": "external",
"summary": "RHBZ#2329991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329991"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-53259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-53259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53259"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50",
"url": "https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/pull/4729",
"url": "https://github.com/quic-go/quic-go/pull/4729"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/releases/tag/v0.48.2",
"url": "https://github.com/quic-go/quic-go/releases/tag/v0.48.2"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr",
"url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr"
}
],
"release_date": "2024-12-02T16:12:40.605000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-16T18:36:58+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0386"
},
{
"category": "workaround",
"details": "Use iptables to drop ICMP unreachable packets.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/volsync-operator-bundle@sha256:1cec6197368b7d5a9712b89786d2b17185081a53ade8a693557da580686007bc_amd64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:1cb132539aa8a0ecb5bf395db48306adcb0ec66deec5c257f54c223b721a65bc_arm64",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:6a041d90d24a4463ee7bc08148ec8c1e811c1b02d9028d66e54ba8be479ae13b_ppc64le",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:86e1cc2f2abbcf13e1a104b1d985c8d7685a6c66fb6f2770bb38da165a597848_s390x",
"9Base-RHACM-2.11:rhacm2/volsync-rhel9@sha256:c619a9bde6e0afce2dde87fcbc27148dc9ccf83f522662499e0031315a731ce3_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux"
}
]
}
RHSA-2025:4250
Vulnerability from csaf_redhat - Published: 2025-04-28 16:10 - Updated: 2026-05-28 10:51Summary
Red Hat Security Advisory: RHSA: Submariner 0.19.4 - bug fix and enhancement update
Severity
Important
Notes
Topic: Submariner 0.19 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.12.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Details: Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.
For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.
This advisory contains bug fixes and enhancements to the Submariner container images.
Security fix(es):
* quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux Security (CVE-2024-53259)
* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws Security (CVE-2025-22868)
* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing Security (CVE-2025-30204)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in Quic-Go where an attacker can inject malicious data into network packets, potentially allowing them to cause harm. The issue arises from a configuration option used by some affected versions of the code that sends out information about packet size limitations. As a result, when Quic-Go attempts to send a packet larger than it claims to be able to handle, the operating system will reject it due to a "message too large" error.
6.5 (Medium)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.
7.5 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
28 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Submariner 0.19 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.12.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.\n\nFor more information about Submariner, see the Submariner open source community website at: https://submariner.io/.\n\nThis advisory contains bug fixes and enhancements to the Submariner container images.\n\nSecurity fix(es):\n\n* quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux Security (CVE-2024-53259)\n* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws Security (CVE-2025-22868)\n* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing Security (CVE-2025-30204)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:4250",
"url": "https://access.redhat.com/errata/RHSA-2025:4250"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2329991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329991"
},
{
"category": "external",
"summary": "2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_4250.json"
}
],
"title": "Red Hat Security Advisory: RHSA: Submariner 0.19.4 - bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-05-28T10:51:39+00:00",
"generator": {
"date": "2026-05-28T10:51:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:4250",
"initial_release_date": "2025-04-28T16:10:25+00:00",
"revision_history": [
{
"date": "2025-04-28T16:10:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-04-28T16:10:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T10:51:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.12::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat ACM"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"product_id": "rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"product_id": "rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"product_id": "rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.19.4-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"product_id": "rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"product_id": "rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"product_id": "rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.19.4-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"product_id": "rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"product_id": "rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"product_id": "rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.19.4-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"product_id": "rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"product_id": "rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"product_id": "rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.19.4-1"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.19.4-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"relates_to_product_reference": "9Base-RHACM-2.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9",
"product_id": "9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64",
"relates_to_product_reference": "9Base-RHACM-2.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53259",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2024-12-02T17:01:10.568793+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2329991"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Quic-Go where an attacker can inject malicious data into network packets, potentially allowing them to cause harm. The issue arises from a configuration option used by some affected versions of the code that sends out information about packet size limitations. As a result, when Quic-Go attempts to send a packet larger than it claims to be able to handle, the operating system will reject it due to a \"message too large\" error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-53259"
},
{
"category": "external",
"summary": "RHBZ#2329991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329991"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-53259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-53259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53259"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50",
"url": "https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/pull/4729",
"url": "https://github.com/quic-go/quic-go/pull/4729"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/releases/tag/v0.48.2",
"url": "https://github.com/quic-go/quic-go/releases/tag/v0.48.2"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr",
"url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr"
}
],
"release_date": "2024-12-02T16:12:40.605000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-28T16:10:25+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4250"
},
{
"category": "workaround",
"details": "Use iptables to drop ICMP unreachable packets.",
"product_ids": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-28T16:10:25+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4250"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-30204",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-03-21T22:00:43.818367+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2354195"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "RHBZ#2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3",
"url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp",
"url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3553",
"url": "https://pkg.go.dev/vuln/GO-2025-3553"
}
],
"release_date": "2025-03-21T21:42:01.382000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-04-28T16:10:25+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4250"
},
{
"category": "workaround",
"details": "Red Hat Product Security does not have a recommended mitigation at this time.",
"product_ids": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:0d1b411f4e937b7a1a230186188a078eb137fc61111da5f0c5a1d9e6409c0514_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:153e86892abbdd33fb76d6841b59974617e7a4a59a6f60c9607a6dd9c15b1e25_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:9672a743b82e40b777ecb3f2773951ad1858157d34c15d0d2d1ba10c871c5bac_arm64",
"9Base-RHACM-2.12:rhacm2/lighthouse-agent-rhel9@sha256:cdbd32a25d7e78e387df5fc048e359cb2c3e36d4bc437f1a14383105beeecfb5_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:0821ae89e222c9c4fd215e44631cb9ed9f2e77e8da6f1498c8e708825fc3c2d8_amd64",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:72c566f6c480170a206d9e1434a8b47a9e4d84a9fdb2e312e5d502ededb97afc_s390x",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:c091237cbdb4f818a86bd0bee492e9008793c2446f85bbb0334a98d396edc448_ppc64le",
"9Base-RHACM-2.12:rhacm2/lighthouse-coredns-rhel9@sha256:d4f1086f745bc6409cbf38277633bddfef5e0270de4f51b9e88e651d4a3a584b_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:3e649528e81edc73ca8caee8bfa730e2ed1b6cc10c99943724b010d6a56f55a8_s390x",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:6ddff743547d3aa2d0dc93007ca0b6b6f8baacd21eb9a53690f056011a98a764_ppc64le",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:908cba644740fddf4809135228e23e5ac624625ef3ca1e7d31d3845be1602edd_arm64",
"9Base-RHACM-2.12:rhacm2/nettest-rhel9@sha256:bf5bdc879ad55b6a4ba0b03b9da575fd982d8e8aafcce60efd29694e5c1a983a_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:1b90a79b648623172805b9eb1a4d63e6429fa79d6b536f3f43443560828c39b2_amd64",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:238263fb1af94c9a10cf9339ce6b33413491ed8f6b417f850bef23c12c3d7c7c_s390x",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:369a7e1d76f1fd8401357b78d03b1b2f32573654ddd86beb779d5dfef1f0b0c9_ppc64le",
"9Base-RHACM-2.12:rhacm2/subctl-rhel9@sha256:d03dc9e7b5b2134279e464b015442b1db9b091fc798f3b4110d13ff694d560b0_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:0bfad6a2fd4d557915c44965936bf7ee3ee304ab0e8b8245f0f551030cf566b2_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:b31742bf606a5bb5b05f460eebfa751241c5004e39ba3560ecff6c15f82dbfc9_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:c7f08f3fd694c878fd903090933d3dff9d9dbf713f2696e0fd1231cffef34d87_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-gateway-rhel9@sha256:ed0b594733e2c19e976a2b602eaeb7e9319a115dacf1b1d9619064a485a05d4f_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:0abe0ef32337853b5cbf5eaaa5c3cf6bbcd5d2c6484cbb265e2c919b8ad17575_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:55ac745945e924b38666c6e4e782e428848e0697f7ea20a4ff9d59904a6f9c64_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:acd2c964450fe81ca59310593c5c875de75726c8db6b37b2a499f46413babee6_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-globalnet-rhel9@sha256:c8aff2edbed7f183ddb6f5e230e01595741ce6e60c9281c61ccabe62d1e175bf_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:5cf619c86ce2d7d8cb8557e74f61f01b9c3f6b4d56737a424d8113e44423b9e8_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:a9d4315960012d229c77bb479fd714168418a436eb6bfafc12b3b8e9245839cc_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:f6de1136ced78ddf1ff48fdadc259c251919dd3a70819fe0e9247411999d51f3_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-operator-bundle@sha256:fddfabf50f1ea179034a15385b6ba094171bc6e6340ab2cb05ae9d78f1d8d53c_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:157c9a6fa28e490d4dda85daf246a2fd37abb4b908ecf455acf8d5c688979e7d_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:6f99a0ded7e8c0f94f22a8348e336f0fd6602fff1cadc418ccb6e316fc91913b_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:871f6ce54a34ade66f5a7217cb6c19103a588bd8988c48535a45e079a565fbce_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-rhel9-operator@sha256:e1ce75b37041af1836c2ef43e2eaacab6d12b5d65330f22e707011f883e8dda8_amd64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:1f2f12b13795f983c984ec2e8c1ca6416bd390c1c299d12abf62c9405832ca3f_ppc64le",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:358423905d09188c4af1d253e2b2e3a6d95a6663744e06abda5b0768510611f3_s390x",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:82bb803529592e447bc710c04c40e028f6cf6492101f0dd9fe4de787398a9ba3_arm64",
"9Base-RHACM-2.12:rhacm2/submariner-route-agent-rhel9@sha256:a7bdfd9d4937299a462f1b6596e68d16df7d3f77d5c1d76cf8ea9098c503e8fb_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing"
}
]
}
RHSA-2025:4810
Vulnerability from csaf_redhat - Published: 2025-05-12 15:04 - Updated: 2026-05-28 10:52Summary
Red Hat Security Advisory: RHSA: Submariner 0.18.5 - bug and security update
Severity
Important
Notes
Topic: Submariner 0.18 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.11.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Details: Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.
For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.
This advisory contains bug fixes and enhancements to the Submariner container images.
Security fix(es):
* quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux (CVE-2024-53259)
* golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
* crypto/internal/nistec: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866)
* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)
* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.
5.9 (Medium)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in Quic-Go where an attacker can inject malicious data into network packets, potentially allowing them to cause harm. The issue arises from a configuration option used by some affected versions of the code that sends out information about packet size limitations. As a result, when Quic-Go attempts to send a packet larger than it claims to be able to handle, the operating system will reject it due to a "message too large" error.
6.5 (Medium)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Golang crypto/internal/nistec package. Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Considering how this function is used, this leakage is likely insufficient to recover the private key when P-256 is used in any well-known protocols.
5.3 (Medium)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, ".")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.
7.5 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.
7.5 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
44 references
Acknowledgments
jub0bs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Submariner 0.18 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.11.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in the cloud.\n\nFor more information about Submariner, see the Submariner open source community website at: https://submariner.io/.\n\nThis advisory contains bug fixes and enhancements to the Submariner container images.\n\nSecurity fix(es):\n\n* quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux (CVE-2024-53259)\n* golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)\n* crypto/internal/nistec: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec (CVE-2025-22866)\n* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)\n* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:4810",
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2329991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329991"
},
{
"category": "external",
"summary": "2341751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
},
{
"category": "external",
"summary": "2344219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344219"
},
{
"category": "external",
"summary": "2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_4810.json"
}
],
"title": "Red Hat Security Advisory: RHSA: Submariner 0.18.5 - bug and security update",
"tracking": {
"current_release_date": "2026-05-28T10:52:30+00:00",
"generator": {
"date": "2026-05-28T10:52:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2025:4810",
"initial_release_date": "2025-05-12T15:04:37+00:00",
"revision_history": [
{
"date": "2025-05-12T15:04:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-12T15:04:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-28T10:52:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.11::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat ACM"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"product_id": "rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"product_id": "rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"product_id": "rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.18.5-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.18.5-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"product_id": "rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"product_id": "rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"product_id": "rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.18.5-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.18.5-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"product_id": "rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"product_id": "rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"product_id": "rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.18.5-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.18.5-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"product": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"product_id": "rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"product": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"product_id": "rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"product": {
"name": "rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"product_id": "rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"product": {
"name": "rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"product_id": "rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"product": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"product_id": "rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"product": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"product_id": "rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"product": {
"name": "rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"product_id": "rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=v0.18.5-4"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"product": {
"name": "rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"product_id": "rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=v0.18.5-3"
}
}
},
{
"category": "product_version",
"name": "rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64",
"product": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64",
"product_id": "rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=v0.18.5-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64"
},
"product_reference": "rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le"
},
"product_reference": "rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x"
},
"product_reference": "rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64"
},
"product_reference": "rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64"
},
"product_reference": "rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le"
},
"product_reference": "rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x"
},
"product_reference": "rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le"
},
"product_reference": "rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"relates_to_product_reference": "9Base-RHACM-2.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9",
"product_id": "9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
},
"product_reference": "rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64",
"relates_to_product_reference": "9Base-RHACM-2.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45336",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2025-01-23T12:57:38.123000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2341751"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45336"
},
{
"category": "external",
"summary": "RHBZ#2341751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/70530",
"url": "https://github.com/golang/go/issues/70530"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI",
"url": "https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI"
}
],
"release_date": "2025-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-12T15:04:37+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect"
},
{
"cve": "CVE-2024-53259",
"cwe": {
"id": "CWE-345",
"name": "Insufficient Verification of Data Authenticity"
},
"discovery_date": "2024-12-02T17:01:10.568793+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2329991"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Quic-Go where an attacker can inject malicious data into network packets, potentially allowing them to cause harm. The issue arises from a configuration option used by some affected versions of the code that sends out information about packet size limitations. As a result, when Quic-Go attempts to send a packet larger than it claims to be able to handle, the operating system will reject it due to a \"message too large\" error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-53259"
},
{
"category": "external",
"summary": "RHBZ#2329991",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329991"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-53259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-53259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53259"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50",
"url": "https://github.com/quic-go/quic-go/commit/ca31dd355cbe5fc6c5807992d9d1149c66c96a50"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/pull/4729",
"url": "https://github.com/quic-go/quic-go/pull/4729"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/releases/tag/v0.48.2",
"url": "https://github.com/quic-go/quic-go/releases/tag/v0.48.2"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr",
"url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-px8v-pp82-rcvr"
}
],
"release_date": "2024-12-02T16:12:40.605000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-12T15:04:37+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
},
{
"category": "workaround",
"details": "Use iptables to drop ICMP unreachable packets.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quic-go: quic-go affected by an ICMP Packet Too Large Injection Attack on Linux"
},
{
"cve": "CVE-2025-22866",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2025-02-06T17:00:56.155646+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2344219"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Golang crypto/internal/nistec package. Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Considering how this function is used, this leakage is likely insufficient to recover the private key when P-256 is used in any well-known protocols.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22866"
},
{
"category": "external",
"summary": "RHBZ#2344219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22866",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22866"
},
{
"category": "external",
"summary": "https://go.dev/cl/643735",
"url": "https://go.dev/cl/643735"
},
{
"category": "external",
"summary": "https://go.dev/issue/71383",
"url": "https://go.dev/issue/71383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k",
"url": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3447",
"url": "https://pkg.go.dev/vuln/GO-2025-3447"
}
],
"release_date": "2025-02-06T16:54:10.252000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-12T15:04:37+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-12T15:04:37+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-30204",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-03-21T22:00:43.818367+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2354195"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "RHBZ#2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3",
"url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp",
"url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3553",
"url": "https://pkg.go.dev/vuln/GO-2025-3553"
}
],
"release_date": "2025-03-21T21:42:01.382000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-12T15:04:37+00:00",
"details": "To learn more about Submariner, see https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_management_for_kubernetes/2.11/html/networking/networking#submariner.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:4810"
},
{
"category": "workaround",
"details": "Red Hat Product Security does not have a recommended mitigation at this time.",
"product_ids": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:389bf258c46a2fc3bd38d2d27eaca11ffd8148d477ab851af59643b4d1f32d80_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:81a4e35a991045c573f3ee5e684390617c289f9f4e0fbbf78a7e55441ebcfffa_ppc64le",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:83336a9d35b707e9a91868916882e008156f3633f23349fd52e1f26e381224ec_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-agent-rhel9@sha256:cb5f236b34ebb961bbb459aade268cb75659092cdfb3e112990c8c19f6456f20_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:2ed5bbd3796d6eba8f287d12b7c5f71a4d5e720b68bf0f2f24e3076c66452070_s390x",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:76961e9f6469568b405698446d3637e7e292797b27246803061024b4750d5fa7_arm64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:7e79eb64d94b0acd167292f2a2c9a2a031661962b72d03dae9352a0eea40565f_amd64",
"9Base-RHACM-2.11:rhacm2/lighthouse-coredns-rhel9@sha256:aca3e04ec4d68baadb49ee2a7f08855f6ef723b020555e8fb098ceedf81e97df_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:130ffbe938cc136c9f112b2fdb0c6dd6f3712e46e39a7f9c6ce06d45f89ceee4_amd64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:2f9da5aaeafa4c6f21b81e34afd141694f09346567c0424d9ee6d9f7f3be5e1f_ppc64le",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:3fbf280a51d788d1e861aa72231bc63142aab2db08e2d358b68f10af1926d76d_arm64",
"9Base-RHACM-2.11:rhacm2/nettest-rhel9@sha256:febf756fb1e4b5d794dfc65be682a84bfae872cbcf897f46b3dd45061d1fd4f1_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:02ca4183da204f63a74c592e51c5515afddd3a995b7016689ab84e3cca35eee7_s390x",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:085ae9ff5dfa4e3f1d961d019d28c6e7a99abff4e3c185852c6547cd17f81136_arm64",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:276b6bfc9a9fd9fbe04bf6f57c8f07eb66f43ab587acdd351d519b503b6e4aa1_ppc64le",
"9Base-RHACM-2.11:rhacm2/subctl-rhel9@sha256:3b2bd11ed4fa07acd850b31e58e44576fc18a15f051d0ab87bfeca27429d00fb_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:1736510c77d31f44c41a6296247c23ed6233edd24d34e0bce154294491f4be3d_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:a049449a67ee5c9d4fee19b7dafc087f3647438a8ebfc94afd13409817f7ae11_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:cd0ef43fabb276b20e4984c0b0872a71e2895ce0c10c5cc02648237297429884_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-gateway-rhel9@sha256:d1c68df738f63ecdedcfa31105bd542b70652bbc5e380d371fbfd2f2b07147f5_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:288dde5c26721a63b3d7db538f9f13e0672fdc01d7d2d0d28ba8495ddc855f26_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:68d4c8d48073e15519ea25ea149f13cbfeb4513ca2cfc115108195d30847ee54_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8ae3f309e90f4e96fa43cb402604c3a592befe53278194645b3161425d385b95_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-globalnet-rhel9@sha256:8d74068d66452a5670ee261bd750965a2e866a85fb6910cad3da73caa4fa3db7_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:4026f2e4eb01326b964fc9af1d29fa0d1492847c3434d6c0b78c354e1046768c_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:7a23eb13e0197b73cf2bb105a8ea038ae9c21904789c489ac56f54dea6b3ed95_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:b7ea8fedc18e390e971994a9759542d543c09699eb382d5fe982cb1e8ee5b285_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-operator-bundle@sha256:d0f3266a59134031aab23284ea1154d6dcac84f49b7f8645d73c9b889126debb_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:1166829081e0697db0ff7b348e9b96cbe63a9382d7534e6ab093527e91b87fe2_amd64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:43e7870f68c3fd5f7e14188cc0395a27863a4c8bdc01ac9d92c3c3dc54974aeb_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:846d8be26dd856197b1772a3f6c1cf6ee205c9c2e79ba3ccda1f473cdc9853ca_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-rhel9-operator@sha256:9d3dfd05f7eea812e4e6cfb0fb69c3c6b869dd372af4eaa24c7c794c8a896a04_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:733030d58413e7341c89e0d501c0fc7b2be8d5063c635560a5af62afe1120b15_s390x",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:89d65541a21a7d44bef87539762ea6c28d8768c6bc0292bb5956d801d57943fa_ppc64le",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:bae84a09c4cf3b5160d737f05c4dc552827ed0f4b1cbdce56719a10cf57395da_arm64",
"9Base-RHACM-2.11:rhacm2/submariner-route-agent-rhel9@sha256:f5b723ae4deed730a1def563565cc0bb0a04e8fa59d2417aa974f8ef473f1380_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…